Isn’t that like inviting all your friends and family onto your LAN? That would seem to have its own security risks.
Comment on Netflix kills casting from phones
Jyek@sh.itjust.works 2 weeks agoDon’t port forward Jellyfin. That’s terribly insecure. Just install tailscale or similar and invite the people you wish to allow access.
floofloof@lemmy.ca 2 weeks ago
Jyek@sh.itjust.works 2 weeks ago
No absolutely not. You invite their account to access a designated device or multiple devices on your tailscale network.
handsoffmydata@lemmy.zip 2 weeks ago
I don’t disagree with you. My earlier comment that mentions port forwarding and infrastructure comes from guides that direct admins to set up a tunnel through Cloudflare, expose JFs port at the router, and point the tunnel at it. Not only is it insecure and likely to offer poor performance, it’s probably a violation of CF ToS (tunneling video data). Going the Plex or pivpn routes will require a port being forwarded, Plex more a beginner option, pivpn only slightly more complicated, but both still expose an attack surface. Tailscale looks appealing from a security perspective, no port forwarding required, plus I find full mesh networks really neat. I just don’t want to rely on tailscale’s coordinated servers to stand between my network devices since I rely on WireGuard for more than media streaming. Tailscale is definitely a great solution for users with CGNAT-based ISPs though.
Jyek@sh.itjust.works 2 weeks ago
Tailscale actually uses wire guard as well. It can also be used as an exit node for mullvad so you can use tailscale as your full stack vpn solution.