Setting up tailscale Link to heading One sad thing is that the host currently exposes SSH over the Internet. There is also a risk of accidentally exposing another service. To mitigate this risk, we can use modern VPNs and add additional firewalls on the Hetzner side. To avoid the hassle of managing my keys, I’ll be using a generous tailscale free tier. To enable tailscale, we’ll have to add one line in our configuration:
