Sign In

Sign in to Teleport

Teleport Cloud LoginLogin to your Teleport Account
Dashboard LoginLegacy Login & Teleport Enterprise Downloads
Get Started
Fork me on GitHub
Teleport

Installation

OpenSource
Version 8.0
Improve

Teleport core service teleport and admin tool tctl have been designed to run on Linux and Mac operating systems. The Teleport user client tsh and UI are available for Linux, Mac, and Windows operating systems.

Linux

The following examples install the 64-bit version of Teleport binaries, but 32-bit (i386) and ARM binaries are also available. Check the Latest Release page for the most up-to-date information.

The examples below may include the use of the sudo keyword, token UUIDs, and users with elevated privileges to make following each step easier.

We recommend you follow the best practices to avoid security incidents:

  1. Avoid using sudo in production environments unless it's necessary.
  2. Create new, non-root, users and use test instances for experimenting with Teleport.
  3. You can run many Teleport's services as a non root. For example, auth, proxy, application access, kubernetes access, and database access services can run as a non-root user. Only the SSH/node service requires root access. You will need root permissions (or the CAP_NET_BIND_SERVICE capability) to make Teleport listen on a port numbered < 1024 (e.g. 443)
  4. Follow the "Principle of Least Privilege" (PoLP) and "Zero Admin" best practices. Don't give users permissive roles when giving them more restrictive access,editor roles will do instead.
  5. Save tokens into a file rather than sharing tokens directly as strings.
Install our public key.
curl https://deb.releases.teleport.dev/teleport-pubkey.asc | sudo apt-key add -
Add repo to APT
add-apt-repository 'deb https://deb.releases.teleport.dev/ stable main'
Update APT Cache
apt-get update
Install Teleport
apt install teleport
yum-config-manager --add-repo https://rpm.releases.teleport.dev/teleport.repo
yum install teleport
curl https://get.gravitational.com/teleport-v8.0.7-linux-arm-bin.tar.gz.sha256
<checksum> <filename>
curl -O https://get.gravitational.com/teleport-v8.0.7-linux-arm-bin.tar.gz
shasum -a 256 teleport-v8.0.7-linux-arm-bin.tar.gz
Verify that the checksums match
tar -xzf teleport-v8.0.7-linux-arm-bin.tar.gz
cd teleport
./install
curl https://get.gravitational.com/teleport-v8.0.7-linux-arm64-bin.tar.gz.sha256
<checksum> <filename>
curl -O https://get.gravitational.com/teleport-v8.0.7-linux-arm64-bin.tar.gz
shasum -a 256 teleport-v8.0.7-linux-arm64-bin.tar.gz
Verify that the checksums match
tar -xzf teleport-v8.0.7-linux-arm64-bin.tar.gz
cd teleport
./install
curl https://get.gravitational.com/teleport-v8.0.7-linux-amd64-bin.tar.gz.sha256
<checksum> <filename>
curl -O https://get.gravitational.com/teleport-v8.0.7-linux-amd64-bin.tar.gz
shasum -a 256 teleport-v8.0.7-linux-amd64-bin.tar.gz
Verify that the checksums match
tar -xzf teleport-v8.0.7-linux-amd64-bin.tar.gz
cd teleport
./install

Docker

Please follow our Getting started with Teleport using Docker or with Teleport Enterprise using Docker for install and setup instructions.

docker pull quay.io/gravitational/teleport:8.0.7

Helm

Please follow our Getting Started with Kubernetes Access or Helm Chart Readme for install and setup instructions.

helm repo add teleport https://charts.releases.teleport.dev

MacOS

Download MacOS .pkg installer (tsh client only, signed) file, double-click to run the Installer.

Note

This method only installs the tsh client for interacting with Teleport clusters. If you need the teleport server or tctl admin tool, use the "Terminal" method instead.

brew install teleport
Note

The Teleport package in Homebrew is not maintained by Teleport and we can't guarantee its reliability or security. We recommend the use of our own Teleport packages.

Note

If you choose to use Homebrew, you must verify that the versions of tsh and tctl are compatible with the versions you run server-side. Homebrew usually ships the latest release of Teleport, which may be incompatible with older versions. See our compatibility policy for details.

curl -O https://get.gravitational.com/teleport-8.0.7.pkg
sudo installer -pkg teleport-8.0.7.pkg -target / # Installs on Macintosh HD
Password:
installer: Package name is teleport-8.0.7
installer: Upgrading at base path /
installer: The upgrade was successful.
which teleport
/usr/local/bin/teleport

Windows (tsh client only)

As of version v3.0.1 we have tsh client binary available for Windows 64-bit architecture - teleport and tctl are not supported. Most tsh features are supported under Windows 10 1607+ as of Teleport v7.2. We support running tsh ssh under cmd.exe, PowerShell, and the Windows Terminal app.

curl https://get.gravitational.com/teleport-v8.0.7-windows-amd64-bin.zip.sha256
<checksum> <filename>
curl -O teleport-v8.0.7-windows-amd64-bin.zip https://get.gravitational.com/teleport-v8.0.7-windows-amd64-bin.zip
echo %PATH% # Edit %PATH% if necessary
certUtil -hashfile teleport-v8.0.7-windows-amd64-bin.zip SHA256
SHA256 hash of teleport-v8.0.7-windows-amd64-bin.zip:
<checksum> <filename>
CertUtil: -hashfile command completed successfully.
Verify that the checksums match
Move `tsh` to your %PATH%

Installing from source

Gravitational Teleport is written in Go language. It requires Golang v1.17 or newer. Check the repo README for the latest requirements.

Install Go

If you don't already have Golang installed you can see installation instructions here. If you are new to Go there are a few quick setup things to note:

  • Go installs all dependencies for all projects in a single directory determined by the $GOPATH variable. The default directory is GOPATH=$HOME/go but you can set it to any directory you wish.
  • If you plan to use Golang for more than just this installation you may want to echo "export GOPATH=$HOME/go" >> ~/.bashrc (or your shell config).

Build Teleport 

get the source & build:
mkdir -p $GOPATH/src/github.com/gravitational
cd $GOPATH/src/github.com/gravitational
git clone https://github.com/gravitational/teleport.git
cd teleport
Make sure you have `zip` installed - the Makefile uses it
make full
create the default data directory before running `teleport`
sudo mkdir -p /var/lib/teleport
sudo chown $USER /var/lib/teleport

If the build succeeds, the binaries teleport, tsh, and tctl are now in the directory $GOPATH/src/github.com/gravitational/teleport/build

Checksums

Gravitational Teleport provides a checksum from the Downloads. This should be used to verify the integrity of our binary.

Teleport Checksum

If you download Teleport via an automated system, you can programmatically obtain the checksum by adding .sha256 to the binary. This is the method shown in the installation examples.

export version=v8.0.7
export os=linux # 'darwin' 'linux' or 'windows'
export arch=amd64 # '386' 'arm' on linux or 'amd64' for all distros
curl https://get.gravitational.com/teleport-$version-$os-$arch-bin.tar.gz.sha256
<checksum> <filename>

Operating System support

Teleport is officially supported on the platforms listed below. It is worth noting that the open-source community has been successful in building and running Teleport on UNIX variants other than Linux [1].

Operating SystemTeleport ClientTeleport Server
Linux v2.6.23+yesyes
MacOS v10.12+yesyes
Windows [2]yes [2]no

[1] Teleport is written in Go and it's possible to build it on any OS supported by the Golang toolchain.

[2] Teleport server does not run on Windows yet, but tsh (the Teleport client) supports most features on Windows 10 and later.

Have a suggestion or can’t find something?
IMPROVE THE DOCS