Single Sign-On (SSO) for SSH and Kubernetes
Teleport easily integrates into a company's existing company directory and SSO system. This
allows SREs, developers and other end-users to access secured infrastructure by simply authenticating
their identity in the
directory. IT administrators don't have the burden of managing SSH keys or local passwords across their server infrastructure.
Teleport supports all major SSO providers, including
Auth0 and many others.
Who can Benefit from SSO?
Using SSO gives end-users a simplified, single click method for accessing compute infrastructure. By integrating with a single source of identity, it reduces the possibility of stale permissions and IT system administrators don't have to managing another set of keys and passwords. This is useful for situations like:
- supervised_user_circleCompany-wide compliance teams overseeing multiple infrastructure and engineering groups who use both Kubernetes and SSH.
- view_comfyManage service providers (MSPs) that manage Kubernetes and generic server clusters for clients.
- settings_system_daydreamRemote support teams from software vendors who wish to manage remote on-site Kubernetes clusters.
- cloud_circleInternet-of-Things (IoT) edge cloud management from a centralized location.
Meet Compliance Requirements
SSO is used to secure the infrastructure and meet compliance requirements
around privileged access. Specifically, it enables security and systems
engineers to enforce security and compliance policies such as:
Multi-factor authentication (MFA). Integrating with
company-wide SSO enables two-factor authentication (2FA)
for SSH sessions using the same access control plane,
simplifying management and audit.
Compliant process for onboarding and transferring employees and contractors.
Ensure privileged access permissions stay up-to-date as individuals switch roles or leave the company.
Monitoring access patterns. Authenticating against a single source of truth allows for the monitoring of access in order to identify unusual patterns.
Overall, the result of implementing SSO is a reduction in
operational overhead. Administrators can control (add, modify,
and revoke) privileged access for teams or individuals from one
place, while users can get access authorization without needing
to manage SSH keys or VPN credentials.