Single Sign-On (SSO) for SSH and Kubernetes

Teleport enables Single Sign-On (SSO) for SSH infrastructure, letting your security team enforce compliance rules using a centralized identity provider.

Single Sign-On (SSO) for SSH and Kubernetes

Teleport easily integrates into a company's existing company directory and SSO system. This allows SREs, developers and other end-users to access secured infrastructure by simply authenticating their identity in the directory. IT administrators don't have the burden of managing SSH keys or local passwords across their server infrastructure.

Teleport supports all major SSO providers, including Okta, Sailpoint, Active Directory, OneLogin, G Suite, Auth0 and many others.

Who can Benefit from SSO?

Using SSO gives end-users a simplified, single click method for accessing compute infrastructure. By integrating with a single source of identity, it reduces the possibility of stale permissions and IT system administrators don't have to managing another set of keys and passwords. This is useful for situations like:

Company-wide compliance teams overseeing multiple infrastructure and engineering groups who use both Kubernetes and SSH.

Manage service providers (MSPs) that manage Kubernetes and generic server clusters for clients.

Remote support teams from software vendors who wish to manage remote on-site Kubernetes clusters.

Internet-of-Things (IoT) edge cloud management from a centralized location.

Meet Compliance Requirements

  • SSO is used to secure the infrastructure and meet compliance requirements around privileged access. Specifically, it enables security and systems engineers to enforce security and compliance policies such as:
  • Multi-factor authentication (MFA). Integrating with company-wide SSO enables two-factor authentication (2FA) for SSH sessions using the same access control plane, simplifying management and audit.
  • Compliant process for onboarding and transferring employees and contractors. Ensure privileged access permissions stay up-to-date as individuals switch roles or leave the company.
  • Monitoring access patterns. Authenticating against a single source of truth allows for the monitoring of access in order to identify unusual patterns.
  • Overall, the result of implementing SSO is a reduction in operational overhead. Administrators can control (add, modify, and revoke) privileged access for teams or individuals from one place, while users can get access authorization without needing to manage SSH keys or VPN credentials.

Which Teleport offering is right for you?

Teleport is available through the free, open source Community Edition or our Commercial Offerings.

Community Free and Open-Source Edition Pro Enhanced Features and Support Enterprise Enterprise Grade Security, Compliance and Support
Identity-Based Authentication ? CommunityUses local users or Github Pro Enterprise
Multi-cloud Authentication ? Community Pro Enterprise
Kubernetes & SSH integration ? Community Pro Enterprise
Security Audit Logging ? Community Pro Enterprise
Session Recording ? Community Pro Enterprise
Dynamic Permissions ? Community Pro Enterprise
Support for IoT devices ? Community Pro Enterprise
Trust Federation ? Community Pro Enterprise
Multi-factor Authentication ? Community Pro Enterprise
Web-based client ? Community Pro Enterprise
Command line client ? Community Pro Enterprise
Single Sign-On ? CommunityOnly with Github SSO pro enterprise
Role Based Access Controls ? Community pro Enterprise
Support Channels communityGithub Issues and
Community Forum
proEmail and ticket support enterprisePrioritized email, phone and dedicated Slack/IM channel
Support Availability community proBusiness hours (PT) enterprise24/7 with response time guarantees
Backwards Compatibility (LTS) community proSupport for most recent LTS version enterpriseAll LTS versions are supported for 24-months
Regulation Compliance Support community pro enterpriseFedRamp, HIPAA, PCI, SOC2 and others
  Download Community Demo Pro Demo Enterprise

This site uses cookies to improve service. By using this site, you agree to our use of cookies. More info.