[kimixa]

Isn't that just the same thing in different clothes? Just a different protocol offering the same features of authentication and encryption - often using exactly the same primitives?

Is it "Security through obscurity" assuming fewer people are attacking vpn protocols that than ssh? And I'm not sure that's even true

[walterbell]

Plus a centralized identity provider, which is a plus or minus depending on your threat model, https://tailscale.com/kb/1013/sso-providers

[yau8edq12i]

Introducing obscurity to the process doesn't make it insecure. Criticism of "security through obscurity" is that security shouldn't rely on obscurity. The system should remain secure even if the attacker knows every detail of your system. Here the point of the "obscurity" (if you can call it that) is to avoid blowing up your logs and wasting compute cycles and energy on attempts that will fail anyway.