Teleport daemon
The Teleport daemon is called teleport and it supports
the following commands:
| Command | Description |
|---|---|
| start | Starts the Teleport daemon. |
| configure | Dumps a sample configuration file in YAML format into standard output. |
| version | Shows the Teleport version. |
| status | Shows the status of a Teleport connection. This command is only available from inside of an active SSH session. |
| help | Shows help options. |
When experimenting, you can quickly start teleport with verbose logging by typing teleport start -d.
Teleport stores data in /var/lib/teleport . Make sure that regular/non-admin users do not have access to this folder on the Auth server.
Systemd unit file
In production, we recommend starting teleport daemon via an init system like systemd. Here's the recommended Teleport service unit file for systemd:
[Unit]
Description=Teleport SSH Service
After=network.target
[Service]
Type=simple
Restart=on-failure
ExecStart=/usr/local/bin/teleport start --config=/etc/teleport.yaml --pid-file=/run/teleport.pid
ExecReload=/bin/kill -HUP $MAINPID
PIDFile=/run/teleport.pid
[Install]
WantedBy=multi-user.target
Daemon restarts
As covered in the Graceful Restarts section, Teleport supports graceful restarts. To upgrade a host to a newer Teleport version, an administrator must:
This will perform a graceful restart, i.e. the Teleport daemon will fork a new process to handle new incoming requests, leaving the old daemon process running until existing clients disconnect.