mirrors
/
tailscale
mirror of https://github.com/tailscale/tailscale.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
tailscale/tka
History
Anton Tolchanov 32120932a5 cmd/tailscale/cli: print node signature in `tailscale lock status` 
- Add current node signature to `ipnstate.NetworkLockStatus`;
- Print current node signature in a human-friendly format as part
  of `tailscale lock status`.

Examples:

```
$ tailscale lock status
Tailnet lock is ENABLED.

This node is accessible under tailnet lock. Node signature:
SigKind: direct
Pubkey: [OTB3a]
KeyID: tlpub:44a0e23cd53a4b8acc02f6732813d8f5ba8b35d02d48bf94c9f1724ebe31c943
WrappingPubkey: tlpub:44a0e23cd53a4b8acc02f6732813d8f5ba8b35d02d48bf94c9f1724ebe31c943

This node's tailnet-lock key: tlpub:44a0e23cd53a4b8acc02f6732813d8f5ba8b35d02d48bf94c9f1724ebe31c943

Trusted signing keys:
	tlpub:44a0e23cd53a4b8acc02f6732813d8f5ba8b35d02d48bf94c9f1724ebe31c943	1	(self)
	tlpub:6fa21d242a202b290de85926ba3893a6861888679a73bc3a43f49539d67c9764	1	(pre-auth key kq3NzejWoS11KTM59)
```

For a node created via a signed auth key:

```
This node is accessible under tailnet lock. Node signature:
SigKind: rotation
Pubkey: [e3nAO]
Nested:
  SigKind: credential
  KeyID: tlpub:6fa21d242a202b290de85926ba3893a6861888679a73bc3a43f49539d67c9764
  WrappingPubkey: tlpub:3623b0412cab0029cb1918806435709b5947ae03554050f20caf66629f21220a
```

For a node that rotated its key a few times:

```
This node is accessible under tailnet lock. Node signature:
SigKind: rotation
Pubkey: [DOzL4]
Nested:
  SigKind: rotation
  Pubkey: [S/9yU]
  Nested:
    SigKind: rotation
    Pubkey: [9E9v4]
    Nested:
      SigKind: direct
      Pubkey: [3QHTJ]
      KeyID: tlpub:44a0e23cd53a4b8acc02f6732813d8f5ba8b35d02d48bf94c9f1724ebe31c943
      WrappingPubkey: tlpub:2faa280025d3aba0884615f710d8c50590b052c01a004c2b4c2c9434702ae9d0
```

Updates tailscale/corp#19764

Signed-off-by: Anton Tolchanov <anton@tailscale.com>
 		2024-05-31 10:11:25 +01:00
..
aum.go all: use new AppendEncode methods available in Go 1.22 (#11079) 2024-02-08 17:55:03 -08:00
aum_test.go all: update copyright and license headers 2023-01-27 15:36:29 -08:00
builder.go all: update copyright and license headers 2023-01-27 15:36:29 -08:00
builder_test.go all: update copyright and license headers 2023-01-27 15:36:29 -08:00
chaintest_test.go all: use Go 1.22 range-over-int 2024-04-16 15:32:38 -07:00
deeplink.go tka: add function for generating signing deeplinks (#8385) 2023-06-20 09:36:37 -07:00
deeplink_test.go tka: add function for generating signing deeplinks (#8385) 2023-06-20 09:36:37 -07:00
key.go tka: guard against key-length panics when verifying signatures 2023-07-19 15:33:01 -05:00
key_test.go all: update copyright and license headers 2023-01-27 15:36:29 -08:00
scenario_test.go all: cleanup unused code, part 1 (#10661) 2023-12-20 14:50:30 -08:00
sig.go cmd/tailscale/cli: print node signature in `tailscale lock status` 2024-05-31 10:11:25 +01:00
sig_test.go all: use Go 1.22 range-over-int 2024-04-16 15:32:38 -07:00
state.go tka: clarify field comment 2023-11-27 18:35:33 -05:00
state_test.go various: add golangci-lint, fix issues (#7905) 2023-04-17 18:38:24 -04:00
sync.go all: use Go 1.22 range-over-int 2024-04-16 15:32:38 -07:00
sync_test.go all: update copyright and license headers 2023-01-27 15:36:29 -08:00
tailchonk.go all: use Go 1.22 range-over-int 2024-04-16 15:32:38 -07:00
tailchonk_test.go tka: fix go vet complaint on copy of lock value in tailchonk_test.go (#8208) 2023-05-25 13:34:13 -07:00
tka.go all: use Go 1.22 range-over-int 2024-04-16 15:32:38 -07:00
tka_test.go all: implement lock revoke-keys command 2023-08-01 15:37:55 -05:00