After buying the vps, login to it using the normal ssh way.
ssh root@<your-ip-address>
after logging in, install tailscale by going to the tailscale dashboard, click Add device, click Linux Server
in the new page, go all the way down and click the Generate Install Script button
it’ll give a script like this.
curl -fsSL https://tailscale.com/install.sh | sh && sudo tailscale up --auth-key=<random-text-blablablabla>
run that command on the vps and we’ll see a message like this
Installation complete! Login in to start using tailscale by runing: tailscale up
there’s a small note here. ie, if we run tailscale up --ssh instead of the recommended command, we can login to this vps without entering password everytime from the devices on our tailscale network.
for getting our tailscale ip address, we can run tailscale ip command.
it’ll output something like 100.94.23.102
from now on, we can login to our vps using this ip address from the devices on our tailscale network and it won’t ask for password.
ie, ssh [email protected] will allow us to connect to our vps from any device on our tailscale network
Since we’ve added our device to the tailscale network, we can block the default ssh port 22 for the rest of the world. we can use ufw for that.
ufw default deny incoming
ufw default allow outgoing
ufw allow in on tailscale0
ufw enable
the above commands will block all incoming traffic from the normal internet, allow outgoing traffic from our vps to the internet and allow any traffic only through tailscale.
if you get errors like ufw: command not found, we first need to install ufw by running this.
apt update && apt install ufw -y
after that, we can rererun the above commands and it should work