TheArchive/tailscale
1
0
Fork 0
mirror of https://github.com/tailscale/tailscale.git synced 2025-08-12 05:37:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

ipn/ipnlocal: reject tailscale up --ssh if disabled on tailnet

Browse Source 
Updates #3802

Change-Id: I3f1e839391fe9b28270f506f4bb8d8e3d36716f5
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
This commit is contained in:
Brad Fitzpatrick
2022-04-20 11:22:54 -07:00
committed by Brad Fitzpatrick
parent 0ce67ccda6
commit 8b81254992
3 changed files with 12 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
ipn/ipnlocal/local.go
View File

@@ -1808,6 +1808,10 @@ func (b *LocalBackend) checkPrefsLocked(p *ipn.Prefs) error {
if !canSSH {
return errors.New("The Tailscale SSH server has been administratively disabled.")
}
if b.netMap != nil && b.netMap.SSHPolicy == nil &&
envknob.SSHPolicyFile() == "" && !envknob.SSHIgnoreTailnetPolicy() {
return errors.New("Unable to enable local Tailscale SSH server; not enabled/configured on Tailnet.")
}
}
return nil
}