My issue is that many of my remote desktop apps require knowing the IP adress of the other PC. I’m looking for a VPN that auto-discovers other devices on the same network. That way I could just “ssh” into the same IP every time, because it would be IP inside of a virtual network. Ideally I am looking a solution that does not require internet connection.
Thanks.
I’m looking for a VPN that auto-discovers other devices on the same network.
What does that mean? What are you actually trying to do?
Ipv6, Nebula, headscale, tailscale
Headscale is a downstream of tailscale, meaning it has a fraction of the features and is maintained by Tailscale employees.
But great for less trust.
Yeah, but tailscale forces you to use logins from proprietary platforms, which is the reason I don’t use it. It doesn’t support a simple account creation and login with just an email and password.
AFAIK they allow custom OIDC providers now.
Really?? This is crazy.
Afaik headscale is the selfhosted server. You can likely login however you want.
Tail scale is currently in the building goodwill phase of the startup, there will come a day when the enshitification starts
I mean, Github is literally the source of 2 operating systems I run. And most of my apps.
couldnt you use device / hostname instead?
Not sure I understand either but when I need to tinker with devices from another network through the Internet I usually rely on Tailscale or setup my own dedicated VPN using e.g OpenVPN.
You can configure wireguard to achieve this solution.
You can always enable mDNS/DNS-SD (aka zeroconf) protocol as well
Thanks, I did not know about mDNS. I will use this.
DNS hostnames
I don’t want to be mean but searching “DNS hostnames” just gives generic AI generated “DNS explained” articles. This answer is helpful only if you already know that mDNS exists.
Sorry was busy but wanted to make the comment at least earlier. I think .local is specific to mDNS, but using just the hostname (ie; mypcname) should work as well.
Bit confused about what you’re looking for. If you’re just SSH/VNC ing into devices on the same local network, then you can simply use their local IP address, which you can find with a command like
ip addr
and will rarely change, or their hostname if your network is configured properly. There are several GUIs that can remember connection info for you, so you likely will only need it once. It’s also quite easy to scan the local network for SSH servers if you have nmap (nmap -p22 <your ip address range, e.g. 192.168.0.1/24>
). If you need to connect to a device on your home network from a different network, any VPN software can achieve that. I’m not aware of any remote desktop solution that doesn’t require a network connection, but your network doesn’t necessarily need to be connected to the Internet.Are you looking for a GUI that combines all those things?
I don’t think you need a VPN here since you’re using an already secure protocol. Sounds like you’re mostly wanting a static IP address. You can configure the local router to hand out static IPs. Local DNS works too.
Static IPs are not a thing in most countries. You need an overlay network or dynamic DNS like NoIP.
Static IPs handed out by your local router are not dependent on having a static IP from your ISP. You do not need one to have the other. You can always have static IPs on your local network.
Ah okay but is that useful in many cases? Only when you are home.
mDNS solves this. It may actually work out of the box. Try ssh’ing into your-device-name.local. If that fails, check your devices’ names and if they have Avahi/Bonjour/mDNS enabled.
Something like Tailscale will set up a VPN with hostnames and IP addresses for you (and you can host your own entry server if you don’t want to use the cloud stuff). That’ll work across networks. It’ll also add overhead and it’s probably overkill for your use case, though.
Thanks, it does indeed work. I guess I’ll add a wireguard tunnel so that I won’t have to bother with the “do you trust the fingerprint?” every time I’m on a different network or when the IP changes.
If you use the .local syntax, and the device name stays the same, I think the domain name based fingerprint should prevent the “do you trust this fingerprint” problem.
If you want to avoid the question all together, you could set up an SSH certificate authority (quick guide here, less dense guides are available on the internet). By signing the servers’ host keys, you can prevent the trust on first use prompt entirely, even for servers you may not have logged into before.
Actually I want to use the wireguard tunnel regardless because right now I am tunneling VNC through SSH, which is laggy because it’s TCP. But thanks either way.
Ah, in that case I would definitely recommend taking a look at Tailscale!