TheArchive/tailscale
1
0
Fork 0
mirror of https://github.com/tailscale/tailscale.git synced 2024-11-26 19:45:35 +00:00
Code Issues Packages Projects Releases Wiki Activity
1ec0273473
tailscale/ipn
History
Anton Tolchanov 32120932a5 cmd/tailscale/cli: print node signature in tailscale lock status 
- Add current node signature to `ipnstate.NetworkLockStatus`;
- Print current node signature in a human-friendly format as part
  of `tailscale lock status`.

Examples:

```
$ tailscale lock status
Tailnet lock is ENABLED.

This node is accessible under tailnet lock. Node signature:
SigKind: direct
Pubkey: [OTB3a]
KeyID: tlpub:44a0e23cd53a4b8acc02f6732813d8f5ba8b35d02d48bf94c9f1724ebe31c943
WrappingPubkey: tlpub:44a0e23cd53a4b8acc02f6732813d8f5ba8b35d02d48bf94c9f1724ebe31c943

This node's tailnet-lock key: tlpub:44a0e23cd53a4b8acc02f6732813d8f5ba8b35d02d48bf94c9f1724ebe31c943

Trusted signing keys:
	tlpub:44a0e23cd53a4b8acc02f6732813d8f5ba8b35d02d48bf94c9f1724ebe31c943	1	(self)
	tlpub:6fa21d242a202b290de85926ba3893a6861888679a73bc3a43f49539d67c9764	1	(pre-auth key kq3NzejWoS11KTM59)
```

For a node created via a signed auth key:

```
This node is accessible under tailnet lock. Node signature:
SigKind: rotation
Pubkey: [e3nAO]
Nested:
  SigKind: credential
  KeyID: tlpub:6fa21d242a202b290de85926ba3893a6861888679a73bc3a43f49539d67c9764
  WrappingPubkey: tlpub:3623b0412cab0029cb1918806435709b5947ae03554050f20caf66629f21220a
```

For a node that rotated its key a few times:

```
This node is accessible under tailnet lock. Node signature:
SigKind: rotation
Pubkey: [DOzL4]
Nested:
  SigKind: rotation
  Pubkey: [S/9yU]
  Nested:
    SigKind: rotation
    Pubkey: [9E9v4]
    Nested:
      SigKind: direct
      Pubkey: [3QHTJ]
      KeyID: tlpub:44a0e23cd53a4b8acc02f6732813d8f5ba8b35d02d48bf94c9f1724ebe31c943
      WrappingPubkey: tlpub:2faa280025d3aba0884615f710d8c50590b052c01a004c2b4c2c9434702ae9d0
```

Updates tailscale/corp#19764

Signed-off-by: Anton Tolchanov <anton@tailscale.com>
2024-05-31 10:11:25 +01:00
..
conffile cmd/tailscaled, ipn/conffile: support ec2 user-data config file 2024-05-30 09:49:18 -07:00
ipnauth go.mod, all: move away from inet.af domain seized by Taliban 2024-02-13 19:21:09 -08:00
ipnlocal cmd/tailscale/cli: print node signature in tailscale lock status 2024-05-31 10:11:25 +01:00
ipnserver ipn/ipnserver: close a small race in ipnserver, ~simplify code 2024-05-07 21:27:06 -07:00
ipnstate cmd/tailscale/cli: print node signature in tailscale lock status 2024-05-31 10:11:25 +01:00
localapi ipn/ipnlocal, all: plumb health trackers in tests 2024-05-07 22:22:10 -07:00
policy ipn,tailconfig: clean up unreleased and removed app connector service 2023-11-09 22:36:52 -08:00
store cmd/containerboot,kube,ipn/store/kubestore: allow interactive login on kube, check Secret create perms, allow empty state Secret (#11326) 2024-04-29 17:03:48 +01:00
backend.go ipn: remove unused Options.LegacyMigrationPrefs 2024-04-15 22:13:53 -07:00
conf.go cmd/k8s-operator,cmd/containerboot,ipn,k8s-operator: turn off stateful filter for egress proxies. (#12075) 2024-05-10 16:32:37 +01:00
doc.go all: update copyright and license headers 2023-01-27 15:36:29 -08:00
ipn_clone.go ipn,wgengine: remove vestigial Prefs.AllowSingleHosts 2024-05-17 20:50:19 -07:00
ipn_test.go all: do not depend on the testing package 2024-05-24 05:23:36 -07:00
ipn_view.go ipn,wgengine: remove vestigial Prefs.AllowSingleHosts 2024-05-17 20:50:19 -07:00
prefs_test.go ipn,wgengine: remove vestigial Prefs.AllowSingleHosts 2024-05-17 20:50:19 -07:00
prefs.go various: disable stateful filtering by default (#12197) 2024-05-20 11:44:29 -07:00
serve_test.go {ipn/serve,cmd/tailscale/cli}: move some shared funcs to ipn 2024-03-05 14:30:38 -05:00
serve.go serve.go, tsnet.go: Fix "in in" typo (#12279) 2024-05-29 14:11:00 -07:00
store_test.go ipn: avoid useless no-op WriteState calls 2023-08-07 08:44:24 -07:00
store.go ipn: add comment about thread-safety to StateStore 2024-03-06 12:42:18 -06:00