LHS Episode #591: Netbird Deep Dive

by Black Sparrow Media Episode #591 Duration: 00:47:20
LHS Episode #591: Netbird Deep Dive

Hello and welcome to Episode #591 of Linux in the Ham Shack. In this deep dive episode, the hosts discuss Netbird, a wireguard-based VPN solution that is akin to TailScale. Topics include use cases, download and installation, basic configuration, gotchas, chaining with other VPNs and much more. Thanks for listening and have a great week.

Download MP3 (21MB)

Listen Now

Segment 1 (Deep Dive)

  • Netbird

  • NetBird combines a configuration-free peer-to-peer private network and a centralized access control system in a single platform, making it easy to create secure private networks for your organization or home. NetBird creates a WireGuard-based overlay network that automatically connects your machines over an encrypted tunnel, leaving behind the hassle of opening ports, complex firewall rules, VPN gateways, and so forth. It enables secure remote access by applying granular access policies while allowing you to manage them intuitively from a single place. Works universally on any infrastructure.

  • Topics

  • License: BSD and AGPL

  • Use case basics

  • Implementation basics

  • Cloud vs. self-hosted

  • Cross-platform

  • Installation procedure (download, curl, pamac, installation files for MacOS or Windows, etc)

  • Starting the service

  • Authentication via SSO

  • Linking a host (URL, setup key)

  • Additional Info: https://lhs.fyi/JT

  • Bringing up the VPN on a host (sudo netbird server start, netbird up)

  • Access control

  • Additional Info: https://lhs.fyi/JU

  • Access policies, port rules, etc.

  • Posture validation (paid versions)

  • Cloud application management panel

  • Additional Info: https://lhs.fyi/JV

  • Disable client expiration for non-transient hosts!

  • Last seen

  • Operating system

  • Groups

  • Host control options

  • Networks

  • Agentless access to network resources

  • DNS

  • Set DNS servers (by group, domain, etc)

  • Local DNS is handled by local Netbird service

  • Teams

  • Allow access to create peers, manage network, etc for other users

  • Free version allows 5 users and 100 peers

  • API

  • All features of the Netbird dashboard can be managed through its API

  • Authentication can be managed with tokens and MFA

  • Resources

  • https://lhs.fyi/JP (Netbird control panel)

  • https://lhs.fyi/JQ (Netbird homepage)

  • https://lhs.fyi/JR (Documentation)

  • https://lhs.fyi/JS (Github)

Segment 2 (Announcements & Feedback)

  • Mastodon comment from @waterfordham

  • Hey folks, Ep588 feedback. You made a suggestion for someone to go make a sandwich waiting to see if a USB key had finished writing. A slight improvement may be for them to issue a sync command and then go make the sandwich 🙂

  • Please Help Support the Show

  • Patreon

  • Paypal

  • Merchandise

  • YouTube

Segment 3 (New Subscribers, New Supporters & Live Participants)

  • Discord

  • Morse

  • Mike_Kelly

  • Reggy

  • Mastodon

  • @DL9ET

  • Live Chat

  • Steve, KJ5T

  • Darren, VK6EK

  • niemandem