Set up servers
A server in Tailscale is a device that provides resources or services to other devices in your Tailscale network (known as a tailnet). Unlike user devices which authenticate through your identity provider, servers are typically non-human devices that require different authentication methods, such as tags and auth keys. Servers can be physical machines, virtual machines, or cloud instances that run services like web applications, databases, or file shares.
Authenticate devices and verify identity
Unlike user devices, which authenticate through identity providers, servers need a different approach. Tailscale provides tags for server identify management and auth keys for automated authentication.
Setting up a server on your Tailscale network
Add a server to your tailnet and verify its connection.
Group devices with tags
Create and manage tags to identify servers and other non-human devices.
Auth keys
Generate and manage authentication keys for automated server deployment.
Ephemeral nodes
Configure servers that automatically remove themselves from your tailnet.
Secure remote access and enable TLS connections
After you authenticate your servers, you need secure ways to access and manage them. Tailscale provides built-in support for both SSH and HTTPS access.
Tailscale SSH eliminates the complexity of traditional SSH key management. It automatically handles key distribution and user authentication based on your existing identity provider permissions.
Tailscale SSH
Configure zero-configuration SSH access using your identity provider credentials.
Tailscale secures connections between tailnet devices with end-to-end encryption. However, some applications are not aware of that and might warn users or disable features based on the fact that HTTP URLs to your tailnet services look unencrypted because they’re not using TLS certificates. You can prevent these problems by configuring your tailnet to use HTTPS.
Enabling HTTPS
Enable HTTPS for your tailnet so servers can provision TLS certificates.