Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

>I wonder if Headscale can also use internal credentials? As far as I remember with tailscale you had to log in with Google or Microsoft which is another total deal-breaker. But I haven't looked at it in ages as the hosted variety was a non starter anyway.

from the project page:

https://github.com/juanfont/headscale

>Node registration

> • Single-Sign-On (via Open ID Connect)

> • Pre authenticated key



Hmm, the SSO is too cumbersome with me (I don't want to set up my own OpenID service just for this). The preauth key might work though. I'll try it out!


But don't you want your own OpenID service? I highly recomment Authelia - easy to set up and works for so many services that allow a custom OIDC service.


Thanks for your tips. If it's that easy then yeah maybe. I would like to do more with fido2. And keycloak is indeed complex.

I would need more security keys but it sounds like there is a non-gui method? That'd be fine for me.


with the red flag that they don't support registering multiple security keys via gui

why im still using keycloak


I wouldn't consider this a red flag, but a missing feature.

But nothing against keycloak - keycloak is the gold standard. But compared to Authelia, Keycloak is really cumbersome to get up and running and also to maintain.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: