Tailscale VPN
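v1.0.0
Tailscale secure networking tool: WireGuard-based virtual networking, secure NAT traversal into private networks, no public IP exposure, point-to-point encrypted connections. Suited to remote access, working from home, and server management.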
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
Name, description, and all instructions focus on installing, configuring, and using Tailscale (WireGuard-based VPN). There are no unrelated credential requests, binaries, or config paths.
Instruction Scope
SKILL.md stays on-topic (install, login, common commands, ACLs, advanced features). It instructs running the official tailscale install script (curl https://tailscale.com/install.sh | sh) and CLI commands; piping a remote script to sh is common for convenience but has inherent risk if the URL were malicious — here the URL is the official domain.
Install Mechanism
There is no embedded install spec (skill is instruction-only). The guide recommends official install methods (package managers and the tailscale.com install.sh). This is proportional but the remote-install pipe is the only notable installer action and should be verified before execution.
Credentials
The skill requests no environment variables, credentials, or config paths. All recommended actions (login via browser, sudo for tailscaled) are consistent with installing a system VPN client.
Persistence & Privilege
Skill flags are default (always:false, agent-invocable allowed). It does not request permanent inclusion or modify other skills; instructions involve running a system service (tailscaled) which legitimately requires administrative privileges during install.
Assessment
This is a straightforward Tailscale installation and usage guide. Before running any install commands: 1) verify URLs (tailscale.com) to ensure they are official; 2) prefer your OS package manager or vendor packages over piping unknown scripts when possible; 3) installs require sudo and will create network interfaces and services (tailscaled); 4) be careful when enabling subnet routes or using an Exit Node — those change what traffic is routed through your devices and may require admin approval; 5) do not provide unrelated credentials to this skill. If you are in a managed environment, consult your admin before installing network software.
Like a lobster shell, security has layers — review code before you run it.
latest, network, remote-access, security, tailscale, vpn, wireguard
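Tailscale Secure Networking
Trigger phrases: Tailscale networking / Tailscale install / secure remote access
What is Tailscale?
A virtual networking tool built on WireGuard:
- 🌐 Joins all your devices into one secure virtual network
- 🔒 End-to-end encrypted, no public IP exposure
- ⚡ Direct peer-to-peer connections, low latency
- 🔓 No router configuration or port forwarding required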
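Core advantages
| Feature | Tailscale | Traditional VPN |
|---|---|---|
| Connection model | WireGuard P2P | Central server |
| Public exposure | ❌ Not exposed | ⚠️ May be exposed |
| Latency | Low (direct P2P) | High (relayed) |
| Configuration | Minimal | Complex |
| Device count | 100+ free | Usually limited |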
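How it works
Traditional approach (dangerous):
Your device → public IP → exposure risk → attacked
Tailscale approach (secure):
Your device → Tailscale encrypted tunnel → peer device
↓
No public IP exposed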
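Installation steps
1️⃣ Create an account
- Visit https://login.tailscale.com
- Sign up with GitHub/Google/Microsoft
- The free plan supports 100 devices
2️⃣ Install the client
Windows:
```powershell
# Download the installer from https://tailscale.com/download/windows
# Or use winget
winget install Tailscale.Tailscale
```
macOS:
```bash
# Install with Homebrew
brew install tailscale
# Or download it from the App Store
```
Linux:
```bash
# One-line install
curl -fsSL https://tailscale.com/install.sh | sh
# Start the service (tailscaled is the daemon; on systemd hosts it is started like this)
sudo systemctl enable --now tailscaled
```
iOS/Android: search for "Tailscale" in the App Store / Play Store and install it
3️⃣ Connect and log in
```bash
# Bring the connection up and log in
tailscale up
# A browser window opens automatically for authorization
```
4️⃣ View the network
```bash
# List all devices
tailscale status
# Example output:
# 100.x.x.x macbook
# 100.x.x.x desktop
# 100.x.x.x phone
```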
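Common commands
```bash
# Connect / disconnect
tailscale up
tailscale down
# Check status
tailscale status
# Sharing a device with another user is done from the admin console, not the CLI
# Access another device (as if it were local)
ssh 100.x.x.x
ping 100.x.x.x
# Windows file share (UNC path, opened from Windows): \\100.x.x.x\c$
# Log out
tailscale logout
```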
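Advanced features
1️⃣ Subnet routes (reach an entire LAN)
```bash
# Assume the LAN is 192.168.1.0/24
sudo tailscale up --advertise-routes=192.168.1.0/24
# Approve the route in the admin console
# https://login.tailscale.com/acls
```
2️⃣ Exit Node (reach the internet through another device)
```bash
# Set a device as this machine's exit node
tailscale up --exit-node=100.x.x.x
# Other devices reach the internet through it
```
3️⃣ Pairing with remote desktop
RustDesk + Tailscale:
1. Join both devices to the Tailscale network
2. Get the peer's IP (e.g. 100.105.1.200)
3. Connect RustDesk to 100.105.1.200
Advantages:
- ✅ No public IP exposure
- ✅ Encrypted P2P connection
- ✅ No port forwarding to set up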
ACL access control
Set who can access whom at https://login.tailscale.com/admin/acls:
```json
{
  "acls": [
    {"action": "accept", "src": ["group:tech"], "dst": ["*:*"]}
  ]
}
```
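The rule above lets `group:tech` reach every port on every device. As an added example (not part of the original skill and not Tailscale tooling), this Python check flags such wildcard grants in a policy before it is saved. It assumes the policy is plain JSON (comments or trailing commas in the policy file would need stripping first); `tag:server` and the port list are constructed for illustration.

```python
import json

# Policy from the page: group:tech may reach every device on every port.
PAGE_POLICY = '{"acls": [{"action": "accept", "src": ["group:tech"], "dst": ["*:*"]}]}'

# Constructed least-privilege variant: tag:server and the ports are assumptions.
SCOPED_POLICY = """{"acls": [
  {"action": "accept", "src": ["group:tech"], "dst": ["tag:server:22,3389"]}
]}"""


def split_dst(dst):
    """Split 'host:ports' on the last colon ('tag:server:22' -> ('tag:server', '22'))."""
    host, _, ports = dst.rpartition(":")
    return host, ports


def audit_acls(policy_text):
    """Return (rule_index, finding) pairs for accept rules with wildcard grants."""
    findings = []
    for i, rule in enumerate(json.loads(policy_text).get("acls", [])):
        if rule.get("action") != "accept":
            continue
        if "*" in rule.get("src", []):
            findings.append((i, "src '*' matches every source"))
        for dst in rule.get("dst", []):
            host, ports = split_dst(dst)
            if host == "*" and ports == "*":
                findings.append((i, f"dst '{dst}' grants all ports on all devices"))
            elif host == "*":
                findings.append((i, f"dst '{dst}' applies to every device"))
            elif ports == "*":
                findings.append((i, f"dst '{dst}' opens every port on {host}"))
    return findings


if __name__ == "__main__":
    for name, text in (("page", PAGE_POLICY), ("scoped", SCOPED_POLICY)):
        print(name, audit_acls(text))
```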
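Security advantages
| Risk | Tailscale solution |
|---|---|
| Public IP exposure | ✅ Uses 100.x.x.x virtual IPs |
| Man-in-the-middle attacks | ✅ WireGuard end-to-end encryption |
| Unauthorized access | ✅ Tailscale authentication + ACLs |
| Port forwarding | ✅ No port forwarding needed |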
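Use cases
| Scenario | Description |
|---|---|
| 🏠 Working from home | Access company intranet resources |
| 🖥️ Remote desktop | Connect to home/office computers |
| 🖥️ Server management | SSH / remote server administration |
| 📱 Cross-device sync | File sharing, clipboard |
| 🔒 Secure access | Services not exposed to the public internet |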
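Recommended pairing
Best combination:
Tailscale (secure networking) + RustDesk (remote control)
Advantages:
- Public IP fully hidden
- End-to-end encryption
- No router configuration
- Low latency, good experience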
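Troubleshooting
| Problem | Solution |
|---|---|
| Cannot connect | Check `tailscale status` |
| High latency | Try a different exit node |
| Device offline | Make sure the client is running |
| ACL restrictions | Check the admin console settings |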
Installation status
Check whether it is installed:
```bash
which tailscale
tailscale version
```
Built on WireGuard | Secure networking expert
