Tailscaled only working after login

I uninstalled the App Store version of tailscale in order to be able to remotely control a Mac which will be restarted remotely from time to time.
I would need to be able to vnc/ remote desktop into it before the login.

I am reading the official tailscaled github page and it says:

tailscaled can run at system boot before any user has logged in (e.g. letting you VNC to your computer after a power outage)

I followed the steps and I’m successfully able to load tailscale on that Mac.
However, from another computer, in the tailscale admin page if I restart that Mac I’m not seeing the little green dot and the “connected” text.
Also trying VNC/ARD it’s not reachable.
Even a simple ping, will not reach that machine.
Using CLI commands from terminal, I get correct results and everything seems running fine.
The Mac Studio is running Monterey 12.4

What could be the problem?
Anything I could try?
thanks for helping

are the developers looking at this forum?

I’ve done it before with instructions from here, where I think you found that bit. Did you try the tailscaled install-system-daemon? And did you check that it creates the relevant files in the right place?

They do, yes, you might try adding the SUPPORT QUESTIONS category to your post.

yes, that command installed successfully the tailscaled file into /usr/local/bin
I followed all the steps in that link.

please note that all the CLI commands are working fine, and I can see the machine from the admin page, and everything works as it should, once logged in.
it’s only before logging in that it doesn’t work…

Is the plist file in place too? That’s what tells the Mac’s init system to start tailscaled on launch.

yes, the plist is there too

Do you have Filevault enabled on the machine? AFAIK, when Filevault is enabled, nothing will run until you have logged in.

Thanks, I didn’t know that – I will try first thing tomorrow.
Is it a known FileVault issue?
If so, it wouldn’t hurt mentioning that on the Tailscaled tutorial and notes!

After a quick test, it seems disabling FileVault solves the issue.
So I guess there’s nothing to be done on the Tailscale side? I would rather have FileVault on and using tailscaled at login.

FileVault is disk encryption, so when you boot up nothing useful can run because the disk is locked. It’s a security trade-off. Personally I’d rather have my disk encrypted and forego this issue than leave it unencrypted.

1 Like