Could you make it so the URL is one-use only, such that once you've scanned it with your phone you can stop worrying because anyone else who uses it won't be able to start a session?
It's not, because the "secure key" is only in the domain name, which is transmitted in the clear via SNI. That means anyone along the network path can get the key, and therefore can get access in your terminal.
I have acme.sh creating the certs using let’s encrypt. I have a reverse proxy (haproxy) in front of code server. This handles ssl.
The port forwarding and mapping to a subdomain is automatic - it’s a feature of code server: https://coder.com/docs/code-server/guide
From the docs: code-server --proxy-domain <domain>
In this case, I think using Termux + SSH would be more convenient and compatible with all devices running sshd.
Better yet would be setting up your own wireguard instance and not relying on free lunches. But as far as free lunches go tailscale would be my preferred option
What it provides is a opinionated configuration management - which is admittedly great which is why I use it as well, but it's nonsensical to say tailscale works in places where wireguard is blocked.
You're likely just noticing the preconfigured nat traversal which tailscale provides and never set one up yourself, as you'd need a static IP for that and it's unconfigured by default.
I have two machines on my desk, I configure a wg service on both. I also configure tailscale on both. Everything works.
I move one machine to another network, at a friend's place.
Wg does not work anymore. Tailscale works. So this is very much sensible to say what GP said.
Now, you can have all kinds of explanations about why wg dos not work and ts does, you know STUN, DERP, ts using wg under the hood, and whatnot but the facts are cruel: I cannot wg to my machine, but I can ts.
It remains nonsensical no matter how uninformed the user may be - even if he's proud of being such, as you seem to be.
This was not a discussion about what tool to use if the person doesn't know about networking and is generally ... "less technical".
lsb_release -cs
What you want is UBUNTU_CODENAME from /etc/os-release (in the case of Linux Mint 22.2, it's "noble")
EDIT: Actually, I'm not even sure you can do $(command) inside /etc/apt/sources.list.d/*
Thanks though for the fix.
Lots of different technical solutions for how to do this, including the Claude and ChatGPT mobile apps nowadays. I use Tailscale. Choose what works best for you and enjoy.
One nit-pick: Terminus requiring a lot of setup work:
Terminus is trivial to use with a rented VPS. But, ptn solves a different problem
phs318u•19h ago
Laziness - the mother of (most) invention.