by jgeralnik 1462 days ago
But that's the thing: even with double encryption, Tailscale and your SSO can run commands on your machines.

1) Run tailscale --ssh on your server.
2) A malicious SSO or Tailscale adds a new machine to your network and updates your ACL such that the new machine can connect to your server.
3) SSH from the new machine to run code on your server.

The fact that the connection between the malicious machine and your server is double encrypted doesn't affect the attack here at all.


By double encryption, I mean using an SSH server other than "tailscale --ssh". No one except yourself can have SSH access if you disable Tailscale's built-in SSH server, use OpenSSH, and generate your own keys for authentication.

Ah, I don't think that's exactly what this thread was about. Ignoring how authorization works, the question was whether there is an advantage to encrypting your commands again (via, say, ssh) vs. just sending them in plaintext under WireGuard (via, say, rsh).