tailscale

WireGuard-based mesh VPN

TLDR

Connect to network

$ tailscale up

Disconnect

$ tailscale down

Show status

$ tailscale status

Show IP addresses

$ tailscale ip

Ping node

$ tailscale ping [hostname]

SSH to node

$ tailscale ssh [user@hostname]

Share file

$ tailscale file cp [file] [hostname:]

Receive files

$ tailscale file get [download_dir]

SYNOPSIS

tailscale [up] [down] [status] [ip] [ping] [ssh] [file] [options]

tailscale creates encrypted mesh networks. Devices connect directly using WireGuard, without central servers forwarding traffic.
Authentication uses SSO providers. After login, devices join your tailnet (Tailscale network). Each device gets a stable IP.
MagicDNS provides hostnames for devices. SSH integration enables authentication without managing keys.
File sharing transfers directly between devices. No cloud storage is involved - files go peer-to-peer.
Exit nodes route traffic through specific devices. This enables secure internet access through trusted locations.
Funnel exposes services to the internet. Serve provides quick HTTP/HTTPS serving with automatic certificates.

PARAMETERS

Connect to Tailscale.

down

Disconnect.

status

Show network status.

ip [-4] [-6]

Show IP addresses.

ping HOST

Ping a Tailscale node.

ssh TARGET

SSH to node.

file cp FILES TARGET:

Copy files.

file get [DIR]

Receive files.

cert DOMAIN

Get TLS certificate.

funnel

Expose to internet.

serve

Serve content.

logout

Log out.

--accept-routes

Accept subnet routes.

--advertise-routes ROUTES

Advertise routes.

--exit-node NODE

Use exit node.

CAVEATS

Requires Tailscale account. Control plane is cloud-based. Some features need paid plan. Network depends on coordination server availability.

HISTORY

Tailscale was founded by Brad Fitzpatrick and others in 2019. It builds on WireGuard to provide easy-to-use mesh VPN, focusing on zero-configuration connectivity.