Teleport
Teleport provides connectivity, authentication, access controls and audit for infrastructure. It replaces SSH keys, VPNs, and bastions with certificate-based zero-trust access.
Smart Download
Visit Project Homepage
No installer available yet — head to the source repository
One tool to securely access all your servers, K8s clusters, and databases with audit.
Core Features
- Unified access proxy for SSH, Kubernetes, databases, RDP, web apps, and cloud APIs
- Short-lived certificates with MFA, no long-lived keys or passwords
- Built-in SSO support (GitHub, OIDC, SAML)
- Full session recording and audit replay
- Fine-grained RBAC/ABAC policies
What It Can't Do
- •Open-source version uses AGPL license – check compatibility for commercial use; 2. Understand certificate expiry mechanism to avoid outages; 3. Ensure firewall allows ports 443 and 3022; 4. Replace default self-signed certs with a trusted CA in production.
Use Cases
- Centrally manage SSH access to thousands of servers
- Secure database access for engineers without exposing credentials
- Compliance auditing of all privileged sessions
- Replace bastion hosts and legacy VPN with a modern zero-trust gateway
Detailed Introduction
Teleport provides a unified identity-aware access proxy that replaces SSH bastions, VPNs, and complex key management. It uses short-lived certificates for all protocols (SSH, Kubernetes, databases, RDP, web apps, cloud APIs) and integrates with SSO providers. It enables recording and auditing of all sessions, enforces RBAC/ABAC, supports just-in-time access, and works across on-premise and cloud environments. A single Go binary replaces multiple tools while improving security and compliance.
Troubleshooting & FAQ (2)
TroubleshootingWhy does the Teleport integration test TestTimeReconciliation fail intermittently with 'expected notification is not found' error?
This flaky test was caused by a spin loop bug introduced in an x/crypto update. The issue was resolved by reverting that update in PR #67111. To fix, ensure your Teleport build includes this PR (merged after May 26). If you cannot upgrade, the temporary workaround is to disable the spin loop optimization or revert the x/crypto change locally.
TroubleshootingWhy does the Redshift JDBC driver fail to connect through Teleport proxy with 'Illegal UTF-8 sequence' error?
The Redshift JDBC driver expects the PostgreSQL startup message to be sent in a single TCP packet. Teleport's proxy splits this message across multiple packets, causing a UTF-8 decoding error. Workaround: Use the standard PostgreSQL JDBC driver (org.postgresql.Driver) instead of the Redshift-specific driver. This driver works correctly with Teleport's proxy. Track issue #29417 for a permanent fix.
Tags
Getting Started
Download installer
Click the button above to download the installer for your system
Install the software
Double-click the downloaded installer and follow the prompts
Step 1: Download the Teleport binary for your OS from the official website
Step 2: Extract and run `sudo ./teleport start` — it auto-generates config and initializes a cluster
Step 3: Open the printed URL (default https://localhost:443) in browser and log in with the admin account
- Step 1: Download the Teleport binary for your OS from the official website
- Step 2: Extract and run `sudo ./teleport start` — it auto-generates config and initializes a cluster
- Step 3: Open the printed URL (default https://localhost:443) in browser and log in with the admin account
Checksum not available
This project has not published a SHA-256 checksum on its GitHub Release page
SHA256 Checksum
No checksum available
Download directly from GitHub Releases and verify file integrity yourself
All SHA-256 checksums on this platform are extracted from the project's official GitHub Release page, without any modification. You can independently verify them on the GitHub Releases page.
Open Source Transparency
View GitHub SourceUninstall Info
Stop Teleport (`sudo teleport stop` or kill process), delete binary (e.g. `/usr/local/bin/teleport`), config directory (`/etc/teleport.yaml` and `/var/lib/teleport`), and remove systemd unit if present.
No Extra Dependencies
Ready to use after download. No additional runtime required.
Having issues? Check the FAQ below
2 FAQs
Similar Projects
PowerToys
A set of utilities for power users to tune and streamline their Windows experience for greater productivity.
terminal
Modern, feature-rich terminal application for Windows command-line users, with tabs, GPU acceleration, and full customization.
core
Open source home automation that puts local control and privacy first. Perfect for Raspberry Pi or a local server.