Certificate Authority for SSH and Kubernetes

Managing static SSH keys can lead to increased operational overhead and may lead to security vulnerabilities if not managed correctly.

This is especially true with today's dynamic infrastructure and workforce. Servers and individuals come and go, managing who has access to what can be problematic.

Teleport is a Certificate Authority ("CA") for your infrastructure, offering more secure authentication and authorization based on certificates, not keys. The certificates issued by Teleport are short-lived and include rich RBAC meta-data so that you can implement temporary authorization and role-based access controls ("RBAC").

Teleport extends the benefits of using certificate based auth with the following features:

Flexible Expiration Time. Teleport can issue certificates with a configurable expiration time. This allows security administrators to implement policies like single-day access, one time logins or flexible idle connection termination based on a user's group membership.

Certificate Rotation. It's a good idea to occasionally rotate your certificates and you definitely want to do this in certains situations, like a breach. Teleport supports certificate rotation without downtime to keep your systems secure.

Kubernetes support. Teleport can issue certificates that control not only SSH access but access to Kubernetes clusters as well. This gives Kubernetes users (developers) an easy, single step to authenticate for both SSH and Kubernetes. This also creates a single control plane for security administrators to enforce their organization's security policies.

Integration with external identity providers. Teleport integrates with external identity providers, like Okta, ADFS and One Login, through SAML and OIDC so that you have a single source of truth for managing identity. This also enables single sign-on for your employees, so they don't have to log into multiple systems.

Which Teleport offering is right for you?

Teleport is available through our commercial Enterprise offering or the Community open source software.

Teleport Enterprise

Teleport Enterprise is built around the open-source core, with premium support and additional, enterprise-grade features. It is for organizations that need to secure critical production infrastructure and meet compliance and audit requirements.

Teleport Enterprise includes:

Role Based Access Controls (RBAC) for both SSH and Kubernetes clusters.

Integration with all Enterprise Single Sign-On (SSO) providers.

Multi-cluster dashboard with cross-cloud visibility into access and behavior.

Enterprise-grade support with SLAs and dedicated Slack channel.

2-years of long term support and maintenance (2-year LTS).

Prioritized hotfixes and patches for all supported releases under LTS.

Teleport feature roadmap collaboration with product management.

Demo Teleport Enterprise

Teleport Community

Teleport Community provides modern SSH best practices out of the box for managing elastic infrastructure. Teleport Community is open-source software that anyone can download and install for free.

Teleport Community includes:

Local user database and SSO integration with Github.

Monitoring of Github issues and community driven roadmap.

Open community forum for support and feature discussions.

Binaries published for Linux, MacOS and Windows (client only).

Best efforts support. Hotfixes and patches for most recent release.

Download Teleport Community

This site uses cookies to improve service. By using this site, you agree to our use of cookies. More info.