Magisk Tailscaled Save

Magisk/KernelSU module for running Tailscale on rooted Android devices. The easiest, most secure way to use WireGuard and 2FA.

Project README

anasfanani - Magisk-Tailscaled Check and Update Tailscale Binary Github All Releases GitHub release issues - Magisk-Tailscaled

Magisk Tailscaled

This repository contains a Magisk module for running Tailscale on rooted Android devices.

What is Tailscale?

Tailscale is a networking tool that allows you to connect each of your devices as if they were on the same VPN. For example, an Android phone connected to the Tailscale network can communicate with any other device connected to Tailscale. You can install it on your PC and Android device and then connect them using the Tailscale IP. For more information, check out How Tailscale Works.

Difference between this Magisk module and the Tailscale app on Play Store

The Tailscale app on the Play Store runs with Android's VPN, which means you can't use Tailscale while another VPN is active. This Magisk module, on the other hand, allows you to use both an Android VPN and Tailscale at the same time.

Requirements

  • A basic networking knowledge.
  • An Android device with Magisk root installed.

Quick Start & Installation

  1. Download the latest zip file from the Releases page.
  2. Install the downloaded zip file using Magisk & reboot your phone.
  3. Open the Terminal.
  4. Login with su -c tailscale login
  5. Disable accept-dns su -c tailscale set --accept-dns=false
  6. Run 'tailscale login' to login to your Tailscale account.
  7. Open the URL in a browser to authorize your device.
  8. Run 'tailscale ip' to retrieve your Tailscale IP.
  9. Alternatively, you can open the Tailscale Admin Dashboard to manage your devices.

After installation, the Tailscale daemon (tailscaled) will run automatically on boot.

Limitation

  • This module only support for arm or arm64 architecture, you can download manually.
  • Tailscale binary is designed to run in Linux environment, Some feature might not works properly.
  • MagicDNS currently not working.

Usage

This module runs tailscaled with the following command:

tailscaled -tun=userspace-networking -statedir=/data/adb/tailscale/tmp/ -state=/data/adb/tailscale/tmp/tailscaled.state -socket=/data/adb/tailscale/tmp/tailscaled.sock -port=41641

This command uses a userspace network stack instead of the kernel's network stack, which can be useful on devices where the kernel's network stack is not compatible with Tailscale. The state file for tailscaled is stored at /data/adb/tailscale/tmp/tailscaled.state, and the log output is written to /data/adb/tailscale/run/tailscaled.log.

Example of Using Tailscale

SSH to Termux

You can use Tailscale to connect SSH from Termux on Android to a Windows PC. Here's how:

On your Android device:

  1. Set up SSHD:
apt update && apt upgrade
apt install openssh
passwd

Enter your password when prompted, for example, 123.

  1. Run ssh daemon with command sshd
  2. Get your IP with the command tailscale ip or check your IP in the Tailscale Admin Dashboard.

On your Windows PC:

  1. Download & install Tailscale for Windows
  2. Open app & login to the Tailscale.
  3. Open the terminal & SSH to your Android IP:
ssh <random_user>@<tailscale_ip> -p 8022

For example:

ssh [email protected] -p 8022

SSH access to your Android device

You can also enable SSH access to your Android device using Tailscale SSH. To do this, advertise SSH on the host with the command tailscale up --ssh.

By default, Tailscale's SSH feature may not work on Android because it requires getent, which is part of GNU libc, and relies on glibc-specific features like nsswitch.conf.

To overcome this, I've created a mock getent and placed it in tailscale/bin/. This mock getent is used by Tailscale's userLookupGetent function.

After advertising SSH on the host, you can SSH into your Android device using ssh root@<tailscale_ip>.

ADB over Tailscale

You can run ADB over Tailscale. First, you need to enable ADB over TCP/IP. You can do this with the following commands:

setprop service.adb.tcp.port 5555
stop adbd
start adbd

These commands set the ADB daemon to listen on TCP port 5555 and then restart the ADB daemon to apply the change.

After enabling ADB over TCP/IP, you can connect to your Android device from your Windows machine using the adb connect command followed by your Tailscale IP and the port number:

adb connect <tailscale_ip>:5555

Avalilable command

USAGE
  tailscale [flags] <subcommand> [command flags]

For help on subcommands, add --help after: "tailscale status --help".

This CLI is still under active development. Commands and flags will
change in the future.

SUBCOMMANDS
  up         Connect to Tailscale, logging in if needed
  down       Disconnect from Tailscale
  set        Change specified preferences
  login      Log in to a Tailscale account
  logout     Disconnect from Tailscale and expire current node key
  switch     Switches to a different Tailscale account
  configure  [ALPHA] Configure the host to enable more Tailscale features
  netcheck   Print an analysis of local network conditions
  ip         Show Tailscale IP addresses
  status     Show state of tailscaled and its connections
  ping       Ping a host at the Tailscale layer, see how it routed
  nc         Connect to a port on a host, connected to stdin/stdout
  ssh        SSH to a Tailscale machine
  funnel     Turn on/off Funnel service
  serve      Serve content and local servers
  version    Print Tailscale version
  web        Run a web server for controlling Tailscale
  file       Send or receive files
  bugreport  Print a shareable identifier to help diagnose issues
  cert       Get TLS certs
  lock       Manage tailnet lock
  licenses   Get open source license information
  exit-node

FLAGS
  --socket string
        path to tailscaled socket (default /var/run/tailscale/tailscaled.sock)

For more details about CLI commands, check out the Tailscale CLI documentation.

Troubleshooting

Tailscale has some known issues. You can check them out here.

In order to execute any Tailscale command on the terminal, you must navigate to the directory /data/adb/tailscale/tmp/ and then execute the Tailscale command. For example, cd /data/adb/tailscale/tmp/ then tailscale login, or tailscale status.

To address this issue, I have created mock versions of tailscale and tailscaled. Now, you can run tailscale login directly without needing to navigate to the /data/adb/tailscale/tmp/ directory.

If you encounter any problems, take a look at the service.sh file. You can modify the commands that are not necessary. If you make some modifications to the commands and they work, please open an issue and make a report.

This module is confirmed to be supported for KernelSU, as confirmed by the author of KernelSU. If you encounter any problems, please let me know.

If you encounter any issues, you can check the logs at /data/adb/tailscale/tmp/tailscaled.log.

For more information, check out the links below:

Credits

Disclaimer

This module is not affiliated with the official Tailscale. It is a third-party implementation and the author is not responsible for any damage to your device that may occur from its use. Use at your own risk.

License

Released under BSD 3-Clause License.

Open Source Agenda is not affiliated with "Magisk Tailscaled" Project. README Source: anasfanani/Magisk-Tailscaled
Stars
105
Open Issues
3
Last Commit
2 weeks ago
Repository
anasfanani/Magisk-Tailscaled
Homepage
https://t.me/systembinsh/158
Tags
Other Magisk Module Tailscale Android Magisk Tunnel Vpn Wireguard Kernelsu Kernelsu Module Wireguard Tunnel Wireguard Vpn Wireguard Vpn Setup

Open Source Agenda Badge

Open Source Agenda Rating
Submit Review Review Your Favorite Project
Submit Resource Articles, Courses, Videos
Submit Article Submit a post to our blog

From the blog

Dec 11, 2022

How to Choose Which Programming Language to Learn First?

From the blog

Dec 11, 2022

How to Choose Which Programming Language to Learn First?