Teleport Access Plane
Teleport Server Access
Consolidate identity-based server access across all environments, meet compliance requirements, and have complete visibility into access and behavior.
Easily secure your servers using security best practices
Certificate-centric design enables Teleport to deliver SSO, RBAC, per-session MFA, and other modern security best practices for SSH access.
Extend identity-based access to IT infrastructure and applications with Teleport Machine ID. It's the easiest way to issue, renew and manage SSH certificates for CI/CD automation, configuration management and other services that need SSH access.
Move away from root accounts with just-in-time SSH privilege escalation for administrative tasks. Access requests can be approved via Slack or other supported plugins.
Meet compliance requirements
Use the authorization mechanism best suited for your compliance requirements such as RBAC, per-session MFA, and dual authorization for privileged operations. Even machine users are subject to authorization with Teleport.
Avoid human errors using Teleport FIPS mode which rejects configuration options unless they are compliant with FIPS 140-2, also known as the Federal Information Processing Standard.
Implement moderated sessions, enforce concurrent session restrictions, proactive session termination and identity locking across your entire infrastructure footprint.
Access that doesn't get in the way
With a real-time inventory of all your Linux servers in the cloud, on-prem, or edge, resource discovery and maintenance are easy.
See all live interactive SSH sessions across your entire fleet. Easily join another user’s session for pair programming or debugging.
Automate access provisioning and access request approvals using your favorite programming language.
Complete visibility into access and behavior
Every interactive session by an engineer or service account is recorded for future replay and can be analyzed by other tools for behavior anomalies.
Consolidate all security events across all environments in a single source of truth for engineers and service accounts and export them into a SIEM solution of your choice.
Teleport offers enhanced session recordings based on BPF events so every system call during an SSH session by an engineer or service account can be audited.
Give an identity to all your microservices, CI/CD automation, and service accounts
Teleport Machine ID vastly simplifies certificate management for IT infrastructure and applications, just like Let’s Encrypt simplified TLS certificate management for websites.
Teleport Machine ID unifies access policies for people and machines, reducing operational overhead and increasing security and compliance.
Teleport Machine ID automatically implements least privilege for all machine users so you don’t have to worry about a compromised service taking over your infrastructure.
Enter command and press enter
Developer-friendly browser for cloud infrastructure
Traditional terminals are optimized for accessing
localhost. Teleport Connect offers enhanced user experience and identity-based access for engineers who work in the
Cloud-optimized user experience
Teleport Connect makes you feel that all cloud resources like thousands of SSH servers, Kubernetes clusters, databases, code repositories and Grafana dashboards are running on your laptop.
When you access infrastructure using a traditional terminal, you inherit the identity of the localhost account and use disjointed combinations of config files, passwords and keys to access remote resources. Teleport Connect leaves passwords behind, inherits your identity from SSO and uses it for everything.
Works with everything you have
Teleport Server Access is open source and relies on open standards such as X.509 certificates, HTTPS, SAML, OpenID connect and others. Deployed as a single binary, it seamlessly integrates with the rest of your stack and is fully compatible with OpenSSH and other SSH-based tooling.
Easy to get started
Teleport is easy to deploy and use. We believe that simplicity and good user experience are key to first-class security.
- The tsh client allows users to login to retrieve short-lived certificates.
- The teleport agent can be installed on any server or any Kubernetes cluster with a single command.
# on a client $ tsh login --proxy=example.com # on a server $ apt install teleport # in a Kubernetes cluster $ helm install
Learn more about Teleport Server Access
Key feature listing and details
Nearly all Teleport features are available in the open source package.
Five-minute demo of Teleport
This short video shows the basic capabilities of Teleport. Quickly access any computing resource anywhere.
Teleport Quick Start Guide
Developer Documentation for using Teleport. This tutorial will guide you through the steps needed to install and run Teleport on Linux machines.
HOW IT WORKS
Deep dive into how Teleport works
Learn the fundamentals of how Teleport works. The following is a series of articles describing key Teleport concepts.