Bug #16342
open
Incorrect behavior of logout button in Tailscale
Added by aleksei prokofiev about 1 month ago.
Updated 18 days ago.
Affected Plus Version:
24.11
Affected Architecture:
All
Description
Tailscale after press "Logout and Clean" button and then try to start connection again, it will produce error in the status that aut-key no valid
In the Tailscale admin panel in the server it will consider this connection as from different instance.
So if I switch to the reused key, yach time I do logout and connect again it will create a new instance in admin panel in Tailscale server.
Tested on 24.11 and 25.07-RC
Tailscale 1.76.1 and 1.82.5
Files
Also, if change working key to different, save changes and then put working key back it won't connect and key will be no valid.
- Status changed from New to Confirmed
Can confirm this issue in latest pfSense development versions
This issue is not limited to clicking the log out button in Tailscale.
In my case, I’m experiencing the same problem without ever logging out manually.
It seems to occur when the firewall is rebooted. Upon reboot, the Tailscale key appears to become corrupted or invalid.
My suspicion is that the problem is related to how the key is stored and later retrieved — possibly resulting in a faulty or incomplete key during the fetch process.
I'm seeing different behavior here.
When using a reusable preauth key, if I click `Logout and Clean`, the local Tailscale instance logs out and clears the local state cache. However, if I restart Tailscale with the same preauth key, Tailscale reauthenticates and creates a new machine node in the Admin Panel. This is expected behavior.
What else am I missing here?
I'm not seeing this:
it will produce error in the status that aut-key no valid
I believe since the log out and clean button is on the authentication page, the expectation is that the pre-auth key would potentially be cleared. even if you just enter a random string and save it, it doesn't clear with the log out and clean button.
Retested on 25.07.1
stepes:
1. Create key in admin panel
2. Setup Tailscale on pfSense using this key and connect instance
3. Change key in pfSense to any wrong key or random number and save
4. Put correct key back and save
5. You can't connect any more with this key
If you use a Reusable key and try to provided these steps, so each time when you put back correct key it will create new instance in admin panel.
confirmed above behavior with 25.07.1 and tailscale 0.1.8
aleksei prokofiev wrote in #note-6:
Retested on 25.07.1
stepes:
1. Create key in admin panel
2. Setup Tailscale on pfSense using this key and connect instance
3. Change key in pfSense to any wrong key or random number and save
4. Put correct key back and save
5. You can't connect any more with this key
If you use a Reusable key and try to provided these steps, so each time when you put back correct key it will create new instance in admin panel.
Thanks for the repro steps. I will try again
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by 
Updated by 
Updated by 