Skip to main content


A Managed Nebula host is simply any single node in the network, e.g. a server, laptop, etc. The certificate authority is used to sign keys for each host added to a network. A host certificate contains the name, IP address, group membership, and a number of other details about a host. Individual hosts cannot modify their own certificate, because doing so will invalidate it. This allows us to trust that a host cannot impersonate another host within a Managed Nebula network. Each host will have its own private key, which is used to validate the identity of that host when tunnels are created.

Hosts run dnclient, which configures them in accordance with settings established within the Defined Networking admin panel.