Teleport Access Platform
Teleport Server Access
Consolidate identity-based server access across all environments, meet compliance requirements, and have complete visibility into access and behavior.
Easily secure your servers using security best practices
Certificate-centric design enables Teleport to deliver SSO, RBAC, per-session MFA, and other modern security best practices for SSH access.
Extend identity-based access to IT infrastructure and applications with Teleport Machine ID. It's the easiest way to issue, renew and manage SSH certificates for CI/CD automation, configuration management and other services that need SSH access.
Move away from root accounts with just-in-time SSH privilege escalation for administrative tasks. Access requests can be approved via Slack or other supported plugins.
Meet compliance requirements
Use the authorization mechanism best suited for your compliance requirements such as RBAC, per-session MFA, and dual authorization for privileged operations. Even machine users are subject to authorization with Teleport.
Avoid human errors using Teleport FIPS mode which rejects configuration options unless they are compliant with FIPS 140-2, also known as the Federal Information Processing Standard.
Implement moderated sessions, enforce concurrent session restrictions, proactive session termination and identity locking across your entire infrastructure footprint.
Access that doesn't get in the way
With a real-time inventory of all your Linux servers in the cloud, on-prem, or edge, resource discovery and maintenance are easy.
See all live interactive SSH sessions across your entire fleet. Easily join another user’s session for pair programming or debugging.
Automate access provisioning and access request approvals using your favorite programming language.
Complete visibility into access and behavior
Every interactive session by an engineer or service account is recorded for future replay and can be analyzed by other tools for behavior anomalies.
Consolidate all security events across all environments in a single source of truth for engineers and service accounts and export them into a SIEM solution of your choice.
Teleport offers enhanced session recordings based on BPF events so every system call during an SSH session by an engineer or service account can be audited.
Give an identity to all your microservices, CI/CD automation, and service accounts
Teleport Machine ID vastly simplifies certificate management for IT infrastructure and applications, just like Let’s Encrypt simplified TLS certificate management for websites.
Teleport Machine ID unifies access policies for people and machines, reducing operational overhead and increasing security and compliance.
Teleport Machine ID automatically implements least privilege for all machine users so you don’t have to worry about a compromised service taking over your infrastructure.
Enter command and press enter
Servers
Applications
Kubernetes
Databases
Desktop
hostname
ariel
titania
iapetus
stephano
hyperion
despina
hostname
Windows
Windows Prod
Windows Dev
Windows Bizops
Windows Sys
Windows Bkp
address
118.117.49.216
179.107.7.218
181.203.6.225
68.150.64.132
154.152.16.215
179.107.7.218
labels
arch: x86_64
env: dev
env: staging
env: prod
os: centos-8
os: rhel-8
action
Connect
Connect
Connect
Connect
Connect
Connect
Teleport Connect
Developer-friendly browser for cloud infrastructure
Traditional terminals are optimized for accessing localhost
. Teleport Connect offers enhanced user experience and identity-based access for engineers who work in the cloud
.
Cloud-optimized user experience
Teleport Connect makes you feel that all cloud resources like thousands of SSH servers, Kubernetes clusters, databases, code repositories and Grafana dashboards are running on your laptop.
Identity-based security
When you access infrastructure using a traditional terminal, you inherit the identity of the localhost account and use disjointed combinations of config files, passwords and keys to access remote resources. Teleport Connect leaves passwords behind, inherits your identity from SSO and uses it for everything.
Teleport makes it easy for us to access our on-prem Linux servers taking advantage of our SSO (single sign on) solution through a single access point. And, because Teleport uses short-lived certs, we avoid all of the overhead that comes with key management.
Marcos Cherem
Head of IT Operations, Awin
Demo Video
Works with everything you have
Teleport Server Access is open source and relies on open standards such as X.509 certificates, HTTPS, SAML, OpenID connect and others. Deployed as a single binary, it seamlessly integrates with the rest of your stack and is fully compatible with OpenSSH and other SSH-based tooling.
Easy to get started
Teleport is easy to deploy and use. We believe that simplicity and good user experience are key to first-class security.
- The tsh client allows users to login to retrieve short-lived certificates.
- The teleport agent can be installed on any server or any Kubernetes cluster with a single command.
# on a client
$ tsh login --proxy=example.com
# on a server
$ apt install teleport
# in a Kubernetes cluster
$ helm install
Explore resources
Learn more about Teleport Server Access
FEATURES
Key feature listing and details
Nearly all Teleport features are available in the open source package.
DEMO
Five-minute demo of Teleport
This short video shows the basic capabilities of Teleport. Quickly access any computing resource anywhere.
DOCS
Teleport Quick Start Guide
Developer Documentation for using Teleport. This tutorial will guide you through the steps needed to install and run Teleport on Linux machines.
HOW IT WORKS
Deep dive into how Teleport works
Learn the fundamentals of how Teleport works. The following is a series of articles describing key Teleport concepts.