FR: warn before applying tags that revoke SSH connection

[rosszurowski]

What are you trying to do?

When applying tags to a device while SSHing over Tailscale (not necessarily Tailscale SSH), it's easy to mistype a tag name and accidentally revoke your access to a device. Since we advise people to lock down servers to only be accessible over Tailscale, it'd be nice to provide some confirmation before kicking them off their devices.

For example, if I have tag:banana and I type:

$ tailscale up --advertise-tags=tag:banna

Access revoked.

Connection to 101.101.101.101 closed.

I'll immediately get kicked out, because undefined tags have no permissions.

How should we solve this?

Like we did for Tailscale SSH, we should warn users or ask for confirmation before kicking them out of their SSH connection.

What is the impact of not solving this?

It's a usability issue that likely doesn't affect too many people, but could have severe consequences for remotely deployed devices that use Tailscale as their primary means of access.