Get started
© 2024

Re-authenticating under tailnet lock

When tailnet lock is enabled, each of your nodes stores tailnet-lock keys and other important data that should be preserved. As such, it's important to re-authenticate your existing nodes when they expire, rather than login again.

I got an error logging in, what should I do?

If you see the following error after attempting to login:

You have a locked tailnet and this machine has already been registered. Please either delete the machine from the admin console and retry, or switch back to the profile and reauth.

That means that your login would have overwritten an existing login on your device, resulting in the destruction of a tailnet lock key and a locked out node.

Instead, reauthenticate your existing login by switching back to it and re-authenticating:

tailscale switch <your-username>
tailscale up --force-reauth

If you did mean to overwrite your previous node with a new login, delete the machine from within the admin console before logging in again.