TheArchive/tailscale
1
0
Fork 0
mirror of https://github.com/tailscale/tailscale.git synced 2024-11-26 03:25:35 +00:00
Code Issues Packages Projects Releases Wiki Activity
32120932a5
tailscale/ipn/ipnlocal
History
Anton Tolchanov 32120932a5 cmd/tailscale/cli: print node signature in tailscale lock status 
- Add current node signature to `ipnstate.NetworkLockStatus`;
- Print current node signature in a human-friendly format as part
  of `tailscale lock status`.

Examples:

```
$ tailscale lock status
Tailnet lock is ENABLED.

This node is accessible under tailnet lock. Node signature:
SigKind: direct
Pubkey: [OTB3a]
KeyID: tlpub:44a0e23cd53a4b8acc02f6732813d8f5ba8b35d02d48bf94c9f1724ebe31c943
WrappingPubkey: tlpub:44a0e23cd53a4b8acc02f6732813d8f5ba8b35d02d48bf94c9f1724ebe31c943

This node's tailnet-lock key: tlpub:44a0e23cd53a4b8acc02f6732813d8f5ba8b35d02d48bf94c9f1724ebe31c943

Trusted signing keys:
	tlpub:44a0e23cd53a4b8acc02f6732813d8f5ba8b35d02d48bf94c9f1724ebe31c943	1	(self)
	tlpub:6fa21d242a202b290de85926ba3893a6861888679a73bc3a43f49539d67c9764	1	(pre-auth key kq3NzejWoS11KTM59)
```

For a node created via a signed auth key:

```
This node is accessible under tailnet lock. Node signature:
SigKind: rotation
Pubkey: [e3nAO]
Nested:
  SigKind: credential
  KeyID: tlpub:6fa21d242a202b290de85926ba3893a6861888679a73bc3a43f49539d67c9764
  WrappingPubkey: tlpub:3623b0412cab0029cb1918806435709b5947ae03554050f20caf66629f21220a
```

For a node that rotated its key a few times:

```
This node is accessible under tailnet lock. Node signature:
SigKind: rotation
Pubkey: [DOzL4]
Nested:
  SigKind: rotation
  Pubkey: [S/9yU]
  Nested:
    SigKind: rotation
    Pubkey: [9E9v4]
    Nested:
      SigKind: direct
      Pubkey: [3QHTJ]
      KeyID: tlpub:44a0e23cd53a4b8acc02f6732813d8f5ba8b35d02d48bf94c9f1724ebe31c943
      WrappingPubkey: tlpub:2faa280025d3aba0884615f710d8c50590b052c01a004c2b4c2c9434702ae9d0
```

Updates tailscale/corp#19764

Signed-off-by: Anton Tolchanov <anton@tailscale.com>
2024-05-31 10:11:25 +01:00
..
testdata ipn/ipnlocal: fix the path for writing cert files (#7203) 2023-02-07 14:34:04 -08:00
breaktcp_darwin.go cmd/tailscale: add debug commands to break connections 2023-08-11 06:37:26 -07:00
breaktcp_linux.go cmd/tailscale: add debug commands to break connections 2023-08-11 06:37:26 -07:00
c2n_pprof.go ipn/ipnlocal: add c2n /debug/pprof/allocs endpoint 2024-03-22 17:29:59 -05:00
c2n_test.go util/cmpx: delete now that we're using Go 1.22 2024-02-07 18:10:15 -08:00
c2n.go ipn/ipnlocal: support c2n updates with old systemd versions (#12296) 2024-05-30 16:55:02 -07:00
cert_js.go ipn/ipnlocal: add c2n method to check on TLS cert fetch status 2023-11-16 14:08:38 -08:00
cert_test.go all: use Go 1.21 slices, maps instead of x/exp/{slices,maps} 2023-08-17 08:42:35 -07:00
cert.go ipn/ipnlocal: remove ancient transition mechanism for https certs 2024-02-17 10:33:11 -08:00
dnsconfig_test.go util/cmpx: delete now that we're using Go 1.22 2024-02-07 18:10:15 -08:00
drive.go ipn/ipnlocal: reuse transport across Taildrive remotes 2024-05-03 16:07:52 -05:00
expiry_test.go types/netmap, all: make NetworkMap.SelfNode a tailcfg.NodeView 2023-08-21 13:34:49 -07:00
expiry.go ssh/tailssh: use control server time instead of local time 2023-11-17 11:10:11 -06:00
local_test.go ipn/ipnlocal: allowed suggested exit nodes policy (#12240) 2024-05-27 16:22:36 -04:00
local.go ipn/ipnlocal: allowed suggested exit nodes policy (#12240) 2024-05-27 16:22:36 -04:00
loglines_test.go ipn/ipnlocal, all: plumb health trackers in tests 2024-05-07 22:22:10 -07:00
network-lock_test.go ipn/ipnlocal: plumb health.Tracker into profileManager constructor 2024-05-03 08:25:38 -07:00
network-lock.go cmd/tailscale/cli: print node signature in tailscale lock status 2024-05-31 10:11:25 +01:00
peerapi_h2c.go all: update copyright and license headers 2023-01-27 15:36:29 -08:00
peerapi_macios_ext.go net/netmon, add: add netmon.State type alias of interfaces.State 2024-04-28 07:34:52 -07:00
peerapi_test.go ipn/ipnlocal, all: plumb health trackers in tests 2024-05-07 22:22:10 -07:00
peerapi.go net/{interfaces,netmon}, all: merge net/interfaces package into net/netmon 2024-04-28 07:34:52 -07:00
profiles_notwindows.go ipn/ipnlocal: fix profile duplication 2023-08-08 13:43:37 -06:00
profiles_test.go various: disable stateful filtering by default (#12197) 2024-05-20 11:44:29 -07:00
profiles_windows.go ipn/ipnlocal: set default NoStatefulFiltering in ipn.NewPrefs (#12031) 2024-05-07 11:28:22 -06:00
profiles.go various: disable stateful filtering by default (#12197) 2024-05-20 11:44:29 -07:00
serve_test.go ipn/ipnlocal, all: plumb health trackers in tests 2024-05-07 22:22:10 -07:00
serve.go all: use Go 1.22 range-over-int 2024-04-16 15:32:38 -07:00
ssh_stub.go ipnlocal: log failure to get ssh host keys 2024-01-30 16:57:16 -06:00
ssh_test.go ipn/ipnlocal: plumb health.Tracker into profileManager constructor 2024-05-03 08:25:38 -07:00
ssh.go ipnlocal: log failure to get ssh host keys 2024-01-30 16:57:16 -06:00
state_test.go control/controlclient: delete unused Client.Login Oauth2Token field 2024-05-17 19:51:18 -07:00
taildrop.go ipn/localapi: add support for multipart POST to file-put 2024-03-27 08:53:52 -05:00
web_client_stub.go ipn/ipnlocal: add mutex to webClient struct 2023-11-15 17:57:48 -05:00
web_client.go all: remove LenIter, use Go 1.22 range-over-int instead 2024-02-25 12:29:45 -08:00