Teleport is the easiest, most secure way to access all your infrastructure. Teleport is an identity-aware, multi-protocol access proxy which understands SSH, HTTPS, RDP, Kubernetes API, MySQL, MongoDB and PostgreSQL wire protocols.
On the server-side, Teleport is a single binary which enables convenient secure access to behind-NAT resources such as:
- SSH nodes - SSH works in browsers too!
- Kubernetes clusters
- PostgreSQL, MongoDB, CockroachDB and MySQL databases
- Internal Web apps
- Windows Hosts
- Networked servers
Teleport is trivial to set up as a Linux daemon or in a Kubernetes pod. It's rapidly replacing legacy sshd-based setups at - organizations who need:
- Developer convenience of having instant secure access to everything they need across many environments and cloud providers.
- Audit log with session recording/replay for multiple protocols
- Easily manage trust between teams, organizations and data centers.
- Role-based access control (RBAC) and flexible access workflows (one-time access requests)
In addition to its hallmark features, Teleport is interesting for smaller teams because it facilitates easy adoption of the best infrastructure security practices like:
- No need to manage shared secrets such as SSH keys: Teleport uses certificate-based access with automatic certificate expiration time for all protocols.
- Two-factor authentication (2FA) for everything.
- Collaboratively troubleshoot issues through session sharing.
- Single sign-on (SSO) for everything via Github Auth, OpenID Connect, or SAML with endpoints like Okta or Active Directory.
- Infrastructure introspection: Use Teleport via the CLI or Web UI to view the status of every SSH node, database instance, Kubernetes cluster, or internal web app.
Teleport is built upon the high-quality Golang SSH implementation. It is fully compatible with OpenSSH, sshd servers, and ssh clients.