As in, would they be able to access your server?
You must log in or register to comment.
The official service is bound to need a SSO login from bad privacy related providers. They insist in not allowing a simple account creation with just email and password.
The biggest downside, as I understand it, is that it’s difficult to convince others to use your tailnet
You can enable Funnel, which doesn’t require others to have the TS client.
Had no idea that existed, I wonder what the security is like
The WireGuard encryptions stops when data reaches their servers and the data is re-encrypted to be sent to the client. So, theoretically, they can look at all the data being passed through.
Read more here about TLS termination and TLS passthrough. https://blog.aiquiral.me/bypass-cgnat
