Warning: Some posts on this platform may contain adult material intended for mature audiences only. Viewer discretion is advised. By clicking ‘Continue’, you confirm that you are 18 years or older and consent to viewing explicit content.
The public keys are stored on the server (by necessity) but not the private keys. The actual connection is directly between two of your own machines, or routed through a DERP server (encrypted end-to-end) in rare cases.
But if you’re concerned, you can instead self host headscale or netbird.
The public keys can be stored anywhere, it doesn’t matter. That’s why they’re called public: because they’re not private, they’re not sensitive, they’re not a secret.
The public keys are stored on the server (by necessity) but not the private keys. The actual connection is directly between two of your own machines, or routed through a DERP server (encrypted end-to-end) in rare cases.
But if you’re concerned, you can instead self host headscale or netbird.
The public keys can be stored anywhere, it doesn’t matter. That’s why they’re called public: because they’re not private, they’re not sensitive, they’re not a secret.