llm/0c2f997f-ee88-4da1-8587-79dca97bbc3f/topic-6-1dccb0af-f0d9-4708-86ab-d62fb32b6adb-input.json
You are a comment summarizer. Given a topic and a list of comments tagged with that topic, write a single paragraph summarizing the key points and perspectives expressed in the comments. TOPIC: Tailscale VPN Security COMMENTS: 1. This is a pretty sophisticated setup. I particularly like how it uses Tailscale. I've been using the simpler but not as flexible alternative: I'm running Claude Code for web (Anthropic's version of Codex Cloud) via the Claude iPhone app, with an environment I created called "Everything" which allows all network access. (This is moderately unsafe if you're working with private source code or environment variables containing API keys and other secrets, but most of my stuff is either open source or personal such that I don't care if the source code leaks.) Anthropic run multiple ~21GB VMs for me on-demand to handle sessions that I start via the app. They don't charge anything extra for VM time which is nice. I frequently have 2-3 separate Claude Code for web sessions running at once, often prompted from my phone, some of them started while I'm out walking the dog. Works really well! 2. I don't like claude code web due to its lack of planning mode. I found the result is often lackluster compare to claude code cli. My current setup: Tailscale + Terminus(ipad) + home machine(code base) Need to look into how to work on multiple features at the same time next. 3. Same here, I’m vibecoding a toy project where I never looked at the code from my phone, but I always seat for work. I’m using happy app and that’s good enough for now, I have the desktop in tailscale but I access it that way just for testing 4. You also don't need fail2ban, if the entire VM is behind a firewall that only allows the tailscale coordination traffic, nothing is going to reach the VM for fail2ban to work on. 5. Hah, I set up basically the same thing on Saturday during a long car ride. Couple of differences: I’m an opencode user and I used a different VPS provider (though I use vultr for other things). It was my first time actually sitting down and using tailscale, which was quite easy to get going. Did everything from my phone, didn’t even have my laptop with me. 6. I have a feeling most of these folks are talking about personal projects or work on relatively small products. I have a good amount of personal projects that I haven’t written a line of code for. After bootstrapping an MVP, I can almost entirely drive by having Claude pick up GitHub issues. They’re small codebases though. My day job is mostly a gigantic codebases that seem to still choke the best models. Also there’s zero way I’d be allowed to tailscale to my work computer from my phone. 7. This is interesting. Particularly the notifications flow. I run a simpler setup with webssh on my iPhone over WG back to my LAN and manage Claude that way. It’s fine, and can handle disconnects (with some big cons). I can run code-server via browser on my iPad and can get all the same benefits mosh provides. One thing to note: the VM seems like an absolute waste of money. If you are using tailscale, might as well connect back to bare metal VMs you can run at home. Save yourself some coin. 8. I've been running a variation of this for the past 3 weeks. I swapped out the default pi agent back to Claude Code because I didn't like the smaller feature set. Bought a phone line and communicate with my agent via iMessage on a clamshelled mac. A Tailscale network connect the head agent to all the computers on my network including my laptop, a few raspberry pi's, steam deck, and all the IoT devices in my house. As I discover new uses, I ask it to make skills and it is remarkable what it's been able to handle all through the single chat interface because it has 24/7 access to all my computers' file systems and my home network. It's been really fun to see how far I can take it, and the skills framework built into CC/Codex now make it feel infinitely extensible. 9. I'm almost there. I also have tailclscale/SSH/Claude sessions on a VM. The thing I'm missing is a phone that makes it comfy. I could just SSH feom my standard S23, but what I've got my eye on is one of those foldable things. Has anyone used one like a laptop? Keyboard on the bottom half, terminal on the top? Does it work decently? 10. What happens when your tailscale session expires? Or if tailscale dies. How do you log back in to fix it? 11. I do the same, but with ConnectBot and Gemini CLI. I have found ssh sufficiently good (mosh required some port forwarding dance, that Tailscale may have solved for the author). 12. “ Worst case: Claude does something unexpected on a disposable VM.” .. with a valid SSH key unless I’m reading it wrong? 13. I think the SSH key that has push permissions is SSH-forwarded. It is quite a sophisticated setup (in both a good and a bad sense). Write a concise, engaging paragraph (3-5 sentences) that captures the main ideas, notable perspectives, and overall sentiment of these comments regarding the topic. Focus on the most interesting and representative viewpoints. Do not use bullet points or lists - write flowing prose.
Tailscale VPN Security
13