MichaelJun 6

Help me out please Fediverse,

I’m interested in running my own headscale server for the fun of it. I’d probably have 3 users (me, OH, kid), and about a dozen devices (laptops, phones, servers).

What I don’t understand is how authentication works there. The docs mention Open ID. Do I have to set up an Open ID server and provision accounts for everyone? Can people ‘just use passkeys’? I don’t fully understand that part.

#headscale #SelfHosting #AskFedi

Show threadaJun 6
@michael you can create a OIDC service but you don't have to. you can create users in headscale
Show threadMichael
@a How do those users authenticate then?
Jun 6 at 7:21pmWeb
Show threadaJun 6
@michael you create the users in headscale
Show threadaJun 6
@michael
```
 docker exec -it headscale headscale users create username
```

when running in docker
Show threadMichaelJun 6

@a Yes, understood. But after the user is created how does he authenticate?

Say you want to connect a device to the tailnet, you presumably need more than a username.

Show threadaJun 6
@michael like in Tailscale although not such a nice UI. The client register a device, control plane approves it and that’s it