FreeBSD Bugzilla – Attachment 239072 Details for
Bug 268604
security/teleport: Update to 5.2.5
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Add security/teleport5, set deprecation and expiry date for security/teleport
0001-PATCH-security-teleport-update-to-5.2.5-as-security-.patch (text/plain), 19.46 KB, created by
Michael Reim
on 2022-12-28 00:01:51 UTC
(
hide
)
Description:
Add security/teleport5, set deprecation and expiry date for security/teleport
Filename:
MIME Type:
Creator:
Michael Reim
Created:
2022-12-28 00:01:51 UTC
Size:
19.46 KB
patch
obsolete
>From 6102997eb31dc91e798d7229abbc83464c8c63e7 Mon Sep 17 00:00:00 2001 >From: Michael Reim <kraileth@elderlinux.org> >Date: Wed, 28 Dec 2022 00:46:46 +0100 >Subject: [PATCH] [PATCH] security/teleport: update to 5.2.5 as > security/teleport5 > >What's new: Web application access (e.g. dashboards), improved K8s handling (multi-cluster support, complete audit log capture), cluster labels, UI improvements. >--- > security/Makefile | 1 + > security/teleport/Makefile | 2 + > security/teleport5/Makefile | 77 ++++++++++++ > security/teleport5/distinfo | 5 + > .../files/patch-lib_defaults_defaults.go | 11 ++ > .../files/patch-lib_events_auditlog.go | 11 ++ > .../teleport5/files/patch-lib_events_doc.go | 110 ++++++++++++++++++ > .../files/patch-lib_services_server.go | 11 ++ > ...tch-tool_teleport_common_teleport__test.go | 20 ++++ > ...ithub.com_kr_pty_ztypes__freebsd__arm64.go | 16 +++ > security/teleport5/files/patch-version.mk | 8 ++ > security/teleport5/files/pkg-message.in | 33 ++++++ > security/teleport5/files/teleport.in | 55 +++++++++ > security/teleport5/pkg-descr | 15 +++ > 14 files changed, 375 insertions(+) > create mode 100644 security/teleport5/Makefile > create mode 100644 security/teleport5/distinfo > create mode 100644 security/teleport5/files/patch-lib_defaults_defaults.go > create mode 100644 security/teleport5/files/patch-lib_events_auditlog.go > create mode 100644 security/teleport5/files/patch-lib_events_doc.go > create mode 100644 security/teleport5/files/patch-lib_services_server.go > create mode 100644 security/teleport5/files/patch-tool_teleport_common_teleport__test.go > create mode 100644 security/teleport5/files/patch-vendor_github.com_kr_pty_ztypes__freebsd__arm64.go > create mode 100644 security/teleport5/files/patch-version.mk > create mode 100644 security/teleport5/files/pkg-message.in > create mode 100644 security/teleport5/files/teleport.in > create mode 100644 security/teleport5/pkg-descr > >diff --git a/security/Makefile b/security/Makefile >index ce4f11333893..896463783eeb 100644 >--- a/security/Makefile >+++ b/security/Makefile >@@ -1253,6 +1253,7 @@ > SUBDIR += tclsasl > SUBDIR += tcpcrypt > SUBDIR += teleport >+ SUBDIR += teleport5 > SUBDIR += testssl.sh > SUBDIR += tfhe > SUBDIR += tfsec >diff --git a/security/teleport/Makefile b/security/teleport/Makefile >index 4da67180a1b0..8843c90f3809 100644 >--- a/security/teleport/Makefile >+++ b/security/teleport/Makefile >@@ -10,6 +10,8 @@ WWW= https://goteleport.com/teleport > > LICENSE= APACHE20 > >+DEPRECATED= EOL, superseded by security/teleport5 >+EXPIRATION_DATE=2023-03-31 > NOT_FOR_ARCHS= i386 > NOT_FOR_ARCHS_REASON= Uses 64bit types > >diff --git a/security/teleport5/Makefile b/security/teleport5/Makefile >new file mode 100644 >index 000000000000..52d34fabe1c8 >--- /dev/null >+++ b/security/teleport5/Makefile >@@ -0,0 +1,77 @@ >+PORTNAME= teleport >+DISTVERSIONPREFIX= v >+DISTVERSION= 5.2.5 >+CATEGORIES= security >+PKGNAMESUFFIX= 5 >+ >+MAINTAINER= kraileth@elderlinux.org >+COMMENT= Centralized access gateway using the SSH protocol >+WWW= https://goteleport.com/teleport >+ >+LICENSE= APACHE20 >+ >+NOT_FOR_ARCHS= i386 >+NOT_FOR_ARCHS_REASON= Uses 64bit types >+ >+BUILD_DEPENDS= zip:archivers/zip >+ >+# If you need the auth service to work, you need to compile this port with >+# Go 1.17 or older. In case tsh is what you're after, Go 1.19 is fine. >+USES= compiler gmake go >+ >+USE_GITHUB= yes >+GH_ACCOUNT= gravitational >+GH_TUPLE= gravitational:webassets:8ace0cf:webassets/webassets >+GH_COMMIT_SHORT= f8ba4afd9 >+GH_TAG_COMMIT= ${DISTVERSIONPREFIX}${DISTVERSION}-0-g${GH_COMMIT_SHORT} >+ >+USE_RC_SUBR= teleport >+ >+# Extra assets are stored in the binary and must not be inadvertently removed >+STRIP= >+NOPRECIOUSMAKEVARS= YES >+ >+SUB_FILES= pkg-message >+ >+PLIST_FILES= bin/tctl \ >+ bin/teleport \ >+ bin/tsh \ >+ "@sample etc/teleport.yaml.sample" >+ >+GO_TELEPORT_SRC_DIR= src/github.com/gravitational/teleport >+PRE_GOPATH_DIR= ${PORTNAME}-${DISTVERSION}${DISTVERSIONSUFFIX} >+ >+post-patch: >+ @${MKDIR} ${WRKDIR}/${GO_TELEPORT_SRC_DIR} >+ @${REINPLACE_CMD} -e 's|%%GH_TAG_COMMIT%%|${GH_TAG_COMMIT}|' \ >+ ${WRKSRC}/version.mk >+ @${FIND} ${WRKSRC}/docs/pages -iname '*.mdx' | ${XARGS} \ >+ ${REINPLACE_CMD} -i '' -e 's|/var/lib|/var/db|g' >+ @${CP} -rpH ${WRKDIR}/${PRE_GOPATH_DIR}/vendor/* ${WRKDIR}/src/ >+ @${CP} -rpH ${WRKDIR}/${PRE_GOPATH_DIR}/* ${WRKDIR}/${GO_TELEPORT_SRC_DIR}/ >+ >+do-build: >+ @cd ${WRKDIR}/${GO_TELEPORT_SRC_DIR} && \ >+ ${SETENV} ${MAKE_ENV} ${BUILD_ENV} ${GO_ENV} \ >+ CGO_ENABLED=1 GOPATH=${WRKDIR} \ >+ ${GMAKE} full >+ >+do-install: >+ ${WRKDIR}/${GO_TELEPORT_SRC_DIR}/build/teleport configure > ${STAGEDIR}${PREFIX}/etc/teleport.yaml.sample >+ @${SED} -i '' \ >+ -e "s|nodename: .*|nodename: |g" \ >+ -e "s|cluster-join-token||g" \ >+ ${STAGEDIR}${PREFIX}/etc/teleport.yaml.sample >+ ${INSTALL_PROGRAM} ${WRKDIR}/${GO_TELEPORT_SRC_DIR}/build/teleport ${STAGEDIR}${PREFIX}/bin >+ ${INSTALL_PROGRAM} ${WRKDIR}/${GO_TELEPORT_SRC_DIR}/build/tsh ${STAGEDIR}${PREFIX}/bin >+ ${INSTALL_PROGRAM} ${WRKDIR}/${GO_TELEPORT_SRC_DIR}/build/tctl ${STAGEDIR}${PREFIX}/bin >+ >+.include <bsd.port.pre.mk> >+ >+# golang assumes that if clang is in use, it is called "clang" and not "cc". If >+# it's called "cc", go fails. >+.if ${COMPILER_TYPE} == clang >+BUILD_ENV= CC=clang >+.endif >+ >+.include <bsd.port.post.mk> >diff --git a/security/teleport5/distinfo b/security/teleport5/distinfo >new file mode 100644 >index 000000000000..cd05976249ca >--- /dev/null >+++ b/security/teleport5/distinfo >@@ -0,0 +1,5 @@ >+TIMESTAMP = 1670876102 >+SHA256 (gravitational-teleport-v5.2.5_GH0.tar.gz) = 81b48678ead350ca40183ffef70c4afe0ffdcf1e895d04c0bc62eab180b41065 >+SIZE (gravitational-teleport-v5.2.5_GH0.tar.gz) = 41856905 >+SHA256 (gravitational-webassets-8ace0cf_GH0.tar.gz) = 87b4a3beff4259ff48d30a03cb2e5ac580dc964eac5218518ac89ede450d2220 >+SIZE (gravitational-webassets-8ace0cf_GH0.tar.gz) = 4719723 >diff --git a/security/teleport5/files/patch-lib_defaults_defaults.go b/security/teleport5/files/patch-lib_defaults_defaults.go >new file mode 100644 >index 000000000000..a0ec9693613e >--- /dev/null >+++ b/security/teleport5/files/patch-lib_defaults_defaults.go >@@ -0,0 +1,11 @@ >+--- lib/defaults/defaults.go.orig 2022-02-23 04:58:43 UTC >++++ lib/defaults/defaults.go >+@@ -466,7 +466,7 @@ var ( >+ >+ // DataDir is where all mutable data is stored (user keys, recorded sessions, >+ // registered SSH servers, etc): >+- DataDir = "/var/lib/teleport" >++ DataDir = "/var/db/teleport" >+ >+ // StartRoles is default roles teleport assumes when started via 'start' command >+ StartRoles = []string{RoleProxy, RoleNode, RoleAuthService} >diff --git a/security/teleport5/files/patch-lib_events_auditlog.go b/security/teleport5/files/patch-lib_events_auditlog.go >new file mode 100644 >index 000000000000..ab0c4e04e7bf >--- /dev/null >+++ b/security/teleport5/files/patch-lib_events_auditlog.go >@@ -0,0 +1,11 @@ >+--- lib/events/auditlog.go.orig 2022-02-23 04:58:43 UTC >++++ lib/events/auditlog.go >+@@ -45,7 +45,7 @@ import ( >+ const ( >+ // SessionLogsDir is a subdirectory inside the eventlog data dir >+ // where all session-specific logs and streams are stored, like >+- // in /var/lib/teleport/logs/sessions >++ // in /var/db/teleport/logs/sessions >+ SessionLogsDir = "sessions" >+ >+ // StreamingLogsDir is a subdirectory of sessions /var/lib/teleport/logs/streaming >diff --git a/security/teleport5/files/patch-lib_events_doc.go b/security/teleport5/files/patch-lib_events_doc.go >new file mode 100644 >index 000000000000..570c0aba3879 >--- /dev/null >+++ b/security/teleport5/files/patch-lib_events_doc.go >@@ -0,0 +1,110 @@ >+--- lib/events/doc.go.orig 2022-02-23 04:58:43 UTC >++++ lib/events/doc.go >+@@ -85,7 +85,7 @@ Main Audit Log Format >+ >+ The main log files are saved as: >+ >+- /var/lib/teleport/log/<auth-server-id>/<date>.log >++ /var/db/teleport/log/<auth-server-id>/<date>.log >+ >+ The log file is rotated every 24 hours. The old files must be cleaned >+ up or archived by an external tool. >+@@ -111,7 +111,7 @@ Each session has its own session log stored as several >+ >+ Index file contains a list of event files and chunks files associated with a session: >+ >+- /var/lib/teleport/log/sessions/<auth-server-id>/<session-id>.index >++ /var/db/teleport/log/sessions/<auth-server-id>/<session-id>.index >+ >+ The format of the index file contains of two or more lines with pointers to other files: >+ >+@@ -120,8 +120,8 @@ The format of the index file contains of two or more l >+ >+ Files: >+ >+- /var/lib/teleport/log/<auth-server-id>/<session-id>-<first-event-in-file-index>.events >+- /var/lib/teleport/log/<auth-server-id>/<session-id>-<first-chunk-in-file-offset>.chunks >++ /var/db/teleport/log/<auth-server-id>/<session-id>-<first-event-in-file-index>.events >++ /var/db/teleport/log/<auth-server-id>/<session-id>-<first-chunk-in-file-offset>.chunks >+ >+ Where: >+ - .events (same events as in the main log, but related to the session) >+@@ -135,7 +135,7 @@ Examples >+ In the simplest case, single auth server a1 log for a single session id s1 >+ will consist of three files: >+ >+-/var/lib/teleport/a1/s1.index >++/var/db/teleport/a1/s1.index >+ >+ With contents: >+ >+@@ -146,14 +146,14 @@ This means that all session events are located in s1-0 >+ the first event with index 0 and all chunks are located in file s1-0.chunks file >+ with the byte offset from the start - 0. >+ >+-File with session events /var/lib/teleport/a1/s1-0.events will contain: >++File with session events /var/db/teleport/a1/s1-0.events will contain: >+ >+ {"ei":0,"event":"session.start", ...} >+ {"ei":1,"event":"resize",...} >+ {"ei":2,"ci":0, "event":"print","bytes":40,"offset":0} >+ {"ei":3,"event":"session.end", ...} >+ >+-File with recorded session /var/lib/teleport/a1/s1-0.chunks will contain 40 bytes >++File with recorded session /var/db/teleport/a1/s1-0.chunks will contain 40 bytes >+ emitted by print event with chunk index 0 >+ >+ **Multiple Auth Servers** >+@@ -164,7 +164,7 @@ In high availability mode scenario, multiple auth serv >+ Any auth server can go down during session and clients will retry the delivery >+ to the other auth server. >+ >+-Both auth servers have mounted /var/lib/teleport/log as a shared NFS folder. >++Both auth servers have mounted /var/db/teleport/log as a shared NFS folder. >+ >+ To make sure that only one auth server writes to a file at a time, >+ each auth server writes to it's own file in a sub folder named >+@@ -176,37 +176,37 @@ and the second batch of event to the second server a2. >+ >+ Server a1 will produce the following file: >+ >+-/var/lib/teleport/a1/s1.index >++/var/db/teleport/a1/s1.index >+ >+ With contents: >+ >+ {"file_name":"s1-0.events","type":"events","index":0} >+ {"file_name":"s1-0.chunks","type":"chunks","offset":0} >+ >+-Events file /var/lib/teleport/a1/s1-0.events will contain: >++Events file /var/db/teleport/a1/s1-0.events will contain: >+ >+ {"ei":0,"event":"session.start", ...} >+ {"ei":1,"event":"resize",...} >+ {"ei":2,"ci":0, "event":"print","bytes":40,"offset":0} >+ >+-Events file /var/lib/teleport/a1/s1-0.chunks will contain 40 bytes >++Events file /var/db/teleport/a1/s1-0.chunks will contain 40 bytes >+ emitted by print event with chunk index. >+ >+ Server a2 will produce the following file: >+ >+-/var/lib/teleport/a2/s1.index >++/var/db/teleport/a2/s1.index >+ >+ With contents: >+ >+ {"file_name":"s1-3.events","type":"events","index":3} >+ {"file_name":"s1-40.chunks","type":"chunks","offset":40} >+ >+-Events file /var/lib/teleport/a2/s1-4.events will contain: >++Events file /var/db/teleport/a2/s1-4.events will contain: >+ >+ {"ei":3,"ci":1, "event":"print","bytes":15,"ms":713,"offset":40} >+ {"ei":4,"event":"session.end", ...} >+ >+-Events file /var/lib/teleport/a2/s1-40.chunks will contain 15 bytes emitted >++Events file /var/db/teleport/a2/s1-40.chunks will contain 15 bytes emitted >+ by print event with chunk index 1 and comes after delay of 713 milliseconds. >+ >+ Offset 40 indicates that the first chunk stored in the file s1-40.chunks >diff --git a/security/teleport5/files/patch-lib_services_server.go b/security/teleport5/files/patch-lib_services_server.go >new file mode 100644 >index 000000000000..a93f72ee384f >--- /dev/null >+++ b/security/teleport5/files/patch-lib_services_server.go >@@ -0,0 +1,11 @@ >+--- lib/services/server.go.orig 2022-02-23 04:58:43 UTC >++++ lib/services/server.go >+@@ -578,7 +578,7 @@ type CommandLabelV1 struct { >+ // Period is a time between command runs >+ Period time.Duration `json:"period"` >+ // Command is a command to run >+- Command []string `json:"command"` //["/usr/bin/hostname", "--long"] >++ Command []string `json:"command"` //["/bin/hostname", "--long"] >+ // Result captures standard output >+ Result string `json:"result"` >+ } >diff --git a/security/teleport5/files/patch-tool_teleport_common_teleport__test.go b/security/teleport5/files/patch-tool_teleport_common_teleport__test.go >new file mode 100644 >index 000000000000..cccc072a243f >--- /dev/null >+++ b/security/teleport5/files/patch-tool_teleport_common_teleport__test.go >@@ -0,0 +1,20 @@ >+--- tool/teleport/common/teleport_test.go.orig 2022-02-23 04:58:43 UTC >++++ tool/teleport/common/teleport_test.go >+@@ -62,7 +62,7 @@ func (s *MainTestSuite) SetUpSuite(c *check.C) { >+ >+ // set imprtant defaults to test-mode (non-existing files&locations) >+ defaults.ConfigFilePath = "/tmp/teleport/etc/teleport.yaml" >+- defaults.DataDir = "/tmp/teleport/var/lib/teleport" >++ defaults.DataDir = "/tmp/teleport/var/db/teleport" >+ } >+ >+ func (s *MainTestSuite) TestDefault(c *check.C) { >+@@ -72,7 +72,7 @@ func (s *MainTestSuite) TestDefault(c *check.C) { >+ }) >+ c.Assert(cmd, check.Equals, "start") >+ c.Assert(conf.Hostname, check.Equals, s.hostname) >+- c.Assert(conf.DataDir, check.Equals, "/tmp/teleport/var/lib/teleport") >++ c.Assert(conf.DataDir, check.Equals, "/tmp/teleport/var/db/teleport") >+ c.Assert(conf.Auth.Enabled, check.Equals, true) >+ c.Assert(conf.SSH.Enabled, check.Equals, true) >+ c.Assert(conf.Proxy.Enabled, check.Equals, true) >diff --git a/security/teleport5/files/patch-vendor_github.com_kr_pty_ztypes__freebsd__arm64.go b/security/teleport5/files/patch-vendor_github.com_kr_pty_ztypes__freebsd__arm64.go >new file mode 100644 >index 000000000000..3178f17f721b >--- /dev/null >+++ b/security/teleport5/files/patch-vendor_github.com_kr_pty_ztypes__freebsd__arm64.go >@@ -0,0 +1,16 @@ >+--- vendor/github.com/kr/pty/ztypes_freebsd_arm64.go.orig 2022-10-14 07:07:07 UTC >++++ vendor/github.com/kr/pty/ztypes_freebsd_arm64.go >+@@ -0,0 +1,13 @@ >++// Created by cgo -godefs - DO NOT EDIT >++// cgo -godefs types_freebsd.go >++ >++package pty >++ >++const ( >++ _C_SPECNAMELEN = 0x3f >++) >++ >++type fiodgnameArg struct { >++ Len int32 >++ Buf *byte >++} >diff --git a/security/teleport5/files/patch-version.mk b/security/teleport5/files/patch-version.mk >new file mode 100644 >index 000000000000..1457af7a19fc >--- /dev/null >+++ b/security/teleport5/files/patch-version.mk >@@ -0,0 +1,8 @@ >+--- version.mk.orig 2022-02-23 04:58:43 UTC >++++ version.mk >+@@ -1,4 +1,4 @@ >+-GITREF=`git describe --dirty --long --tags` >++GITREF=%%GH_TAG_COMMIT%% >+ >+ # $(VERSION_GO) will be written to version.go >+ VERSION_GO="/* DO NOT EDIT THIS FILE. IT IS GENERATED BY 'make setver'*/\n\n\ >diff --git a/security/teleport5/files/pkg-message.in b/security/teleport5/files/pkg-message.in >new file mode 100644 >index 000000000000..6559d0153a15 >--- /dev/null >+++ b/security/teleport5/files/pkg-message.in >@@ -0,0 +1,33 @@ >+[ >+{ type: install >+ message: <<EOM >+ATTENTION! This version of Teleport is very old and likely to contain unfixed >+ATTENTION! vulnerabilities. It's only provided to allow for a working upgrade >+ATTENTION! path from 4.4. Watch for an upgrade to teleport6 next. >+ATTENTION! New installations are STRONGLY discouraged (wait for version 7). >+ >+Quick getting started guide: >+ >+1. Read through the Quick Start Guide (see below). >+2. Start teleport: su -c 'sysrc teleport_enable=YES' >+3. If not just setting up a node: su -c 'sysrc teleport_roles=auth,proxy,node' >+4. Review and edit /usr/local/etc/teleport.yaml >+5. Start teleport: su -c 'service teleport start' >+6. Add yourself as a user on the auth server: su -c "tctl users add $USER" >+7. Create a password and 2FA code using the URL emitted during >+ the previous step. >+ >+To add a new node to the cluster, on the auth server: >+ >+ $ tctl nodes add --ttl=5m --roles=node,proxy >+ >+See the docs for additional details: >+ >+Quick start: https://github.com/gravitational/teleport/blob/branch/5.0/docs/pages/quickstart.mdx >+Admin Manual: https://github.com/gravitational/teleport/blob/branch/5.0/docs/pages/admin-guide.mdx >+User Manual: https://github.com/gravitational/teleport/blob/branch/5.0/docs/pages/user-manual.mdx >+Architecture: https://github.com/gravitational/teleport/blob/branch/5.0/docs/pages/architecture/overview.mdx >+FAQ: https://github.com/gravitational/teleport/blob/branch/5.0/docs/pages/faq.mdx >+EOM >+} >+] >diff --git a/security/teleport5/files/teleport.in b/security/teleport5/files/teleport.in >new file mode 100644 >index 000000000000..248b0d7dc441 >--- /dev/null >+++ b/security/teleport5/files/teleport.in >@@ -0,0 +1,55 @@ >+#!/bin/sh >+ >+# PROVIDE: teleport >+# REQUIRE: NETWORKING SERVERS DAEMON >+# KEYWORD: shutdown >+# >+# Add the following lines to /etc/rc.conf.local or /etc/rc.conf >+# to enable this service: >+# >+# teleport_enable (bool): Set to NO by default. >+# Set it to YES to enable teleport. >+# teleport_config (str): Configuration file. >+# Default is "${LOCALBASE}/etc/teleport.yaml" >+# teleport_dir (dir): Set dir to run teleport in. >+# Default is "/var/db/teleport". >+# teleport_roles (dir): Set roles to run teleport in. >+# Default is "node". >+# Can be any combination of >+# "node", "app", "proxy" and "auth", separated by commas >+ >+. /etc/rc.subr >+ >+name=teleport >+rcvar=teleport_enable >+ >+load_rc_config $name >+ >+: ${teleport_enable:="NO"} >+: ${teleport_config:="%%PREFIX%%/etc/teleport.yaml"} >+: ${teleport_args:="--config=${teleport_config}"} >+: ${teleport_dir:="/var/db/teleport"} >+: ${teleport_roles:="node"} >+ >+pidfile=/var/run/teleport.pid >+required_files="${teleport_config}" >+procname="%%PREFIX%%/bin/teleport" >+command="/usr/sbin/daemon" >+ >+DAEMON=$(daemon 2>&1 | grep -q syslog ; echo $?) >+if [ ${DAEMON} -eq 0 ]; then >+ DAEMON_SYSLOG_FLAGS="-S -T teleport -s info -m 3" >+else >+ DAEMON_SYSLOG_FLAGS="" >+fi >+ >+command_args="${DAEMON_SYSLOG_FLAGS} -f -p ${pidfile} /usr/bin/env ${teleport_env} ${procname} start --roles=${teleport_roles} ${teleport_args}" >+ >+start_precmd="teleport_prestart" >+ >+teleport_prestart() >+{ >+ mkdir -p ${teleport_dir} >+} >+ >+run_rc_command "$1" >diff --git a/security/teleport5/pkg-descr b/security/teleport5/pkg-descr >new file mode 100644 >index 000000000000..4485b972f7a7 >--- /dev/null >+++ b/security/teleport5/pkg-descr >@@ -0,0 +1,15 @@ >+What is Teleport? >+================= >+Teleport is a gateway for managing access to clusters of *nix servers via >+SSH or the Kubernetes API. While it does also support connecting to >+servers running traditional OpenSSH, its own node deamon is intended to be >+used instead for additional functionality. >+ >+With Teleport it is simple to adopt SSH best practices like using >+certificate-based access and enabling 2FA via TOTP (e.g. Google >+Authenticator), U2F or an SSO provider. Cluster nodes can be accessed via >+a CLI (tsh) or a Web UI which both allow for session sharing. >+ >+Teleport provides centralized user management as well as full session >+recordings that can be played back for knowledge sharing or auditing >+purposes. It can also be used to protect Web applications like dashboards. >-- >2.38.1 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=239072">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Flags:
kraileth
:
maintainer-approval+
Actions:
View
|
Diff
Attachments on
bug 268604
: 239072