The easiest, and most secure way to access and protect all of your infrastructure.
AGPL-3.0 License
Bot releases are visible (Hide)
Published by r0mant over 1 year ago
Download the current and previous releases of Teleport at https://goteleport.com/download.
Published by r0mant over 1 year ago
clusterName
validation in teleport-cluster
chart. #26974
tsh login
latency by fetching cluster alerts once. #27111
tsh
profile. #27207
1.1.1u
. #27113
Download the current and previous releases of Teleport at https://goteleport.com/download.
Published by r0mant over 1 year ago
tsh proxy app
to not require explicit tsh app login
. #26820
clusterName
validation in teleport-cluster
Helm chart. #26973
tsh login
latency by making sure cluster alerts are fetched once. #27110
3.0.9
. #27123
tsh kube
commands in TLS Routing mode behind ALB. #27155
Download the current and previous releases of Teleport at https://goteleport.com/download.
Published by r0mant over 1 year ago
--add-keys-to-agent=no
. #26931
tsh.app
Info.plist. #26319
1.20.4
. #25507
Download the current and previous releases of Teleport at https://goteleport.com/download.
Published by r0mant over 1 year ago
tsh ssh
. #26853
tctl alert
commands remotely. #26791
Download the current and previous releases of Teleport at https://goteleport.com/download.
Published by r0mant over 1 year ago
teleport join openssh
command. #26674
kubectl auth can-i
support to consider kubernetes_resources
RBAC rules. #26584
ProvisionToken
support. #26618
Download the current and previous releases of Teleport at https://goteleport.com/download.
Published by r0mant over 1 year ago
This release of Teleport contains multiple improvements and bug fixes.
kubectl auth can-i
support to account for kubernetes_resources
RBAC rules. #26586
Download the current and previous releases of Teleport at https://goteleport.com/download.
Published by r0mant over 1 year ago
This release of Teleport contains multiple improvements and bug fixes.
Download the current and previous releases of Teleport at https://goteleport.com/download.
Published by r0mant over 1 year ago
tctl
commands not working when IP pinning is enabled. #25993
Download the current and previous releases of Teleport at https://goteleport.com/download.
Published by r0mant over 1 year ago
This release of Teleport introduces a preview release of Teleport Assist, a GPT-4 powered chat assistant that allows you to execute commands on servers connected to your Teleport cluster.
It is available for Teleport Cloud customers on Teleport Team plan starting from 05/19/23.
In addition, this release contains the following improvements and bug fixes.
tctl
commands not working when IP pinning is enabled. #25994
Download the current and previous releases of Teleport at https://goteleport.com/download.
Published by r0mant over 1 year ago
This release of Teleport contains multiple improvements and bug fixes.
InvalidInstanceID
error feedback during EC2 discovery. #25641
Download the current and previous releases of Teleport at https://goteleport.com/download.
Published by r0mant over 1 year ago
Teleport 13 brings the following marquee features and improvements:
In Teleport 13 users can configure their Teleport agents deployed via apt/yum repositories or a Helm chart to be upgraded automatically.
Teleport 13 adds single-port TLS routing mode support to Server, Kubernetes and Application Access for clusters deployed behind application layer load balancers such as AWS ALB.
In Teleport 13 users can import apps and groups from Okta and use Teleport access requests for requesting short-term access to them. This feature is only available in the Teleport Enterprise edition.
Database Access users can now connect to AWS OpenSearch databases.
In Teleport 13 users will be able register OpenSSH nodes as a resource with the cluster.
This will allow users to view the OpenSSH nodes in Web UI and using tsh ls
and use RBAC to control access to them.
See updated OpenSSH integration guide: https://goteleport.com/docs/ver/13.x/server-access/guides/openssh/.
Teleport Connect now includes a new search experience, allowing you to search for and connect to resources across all logged-in clusters.
In Teleport 13 we improved the way Teleport Proxy handles Kubernetes Access credentials.
Users will experience better performance when interacting with Kubernetes clusters using kubectl or via the API.
Teleport 13 binaries (including Teleport Connect) will have universal architecture and run natively on both Intel and ARM macOS systems.
When connecting an RDS database using Teleport 13 Access Management UI, users can connect their AWS account and select the RDS database to add instead of entering details manually.
To try out the new flow, add an RDS database using the Resource Management UI in your cluster’s Web UI dashboard.
Teleport's web UI includes an optional light theme.
The light theme is enabled by default but can be changed back to the dark theme via the top-right corner user settings menu.
Session recordings for Windows desktop sessions can now be exported to video format for offline playback with the new tsh recordings export command.
Teleport 13 adds the ability to transfer files in Moderated Sessions. This feature requires that both the session originator and the moderator have joined the session via the web UI.
Please familiarize yourself with the following potentially disruptive changes in Teleport 13 before upgrading.
require_session_mfa
Users using require_session_mfa
field in teleport_auth_preference
and teleport_role
resources should be aware that the field now accepts a number indicating MFA mode instead of a boolean.
teleport_auth_preference.spec.require_session_mfa
teleport_role.spec.options.require_session_mfa
Possible values are:
| Value | Meaning |
|-------|---------------------------------------------------|
| 0 | Off |
| 1 | Regular per-session MFA |
| 2 | Per-session MFA with hardware key |
| 3 | Per-session MFA with hardware key requiring touch |
Teleport 13 defaults to observer (read-only) mode when joining SSH and Kubernetes sessions. Prior versions of Teleport would default to peer mode for SSH sessions and moderator mode for Kubernetes sessions. To override the default join mode, specify the --mode flag with tsh join.
Teleport 13 removes support for rotating all certificate authorities with tctl auth rotate --type=all
. The type
flag is now required, which ensures that only one CA is rotated at a time, increasing cluster stability during rotations.
The default 30-minute expiry no longer applies to tokens created via YAML resource files. If you want to enforce an expiration, ensure this is set in the metadata.expires
field. Tokens created using tctl nodes add
and tctl tokens add
will continue to have a default 30m expiry applied.
Additionally, users of Teleport’s API module will note that the CreateToken
and UpsertToken
RPCs are now deprecated in favor of CreateTokenV2
and UpsertTokenV2
. The new V2 variants no longer have a default expiry, so be sure to set a TTL if you want your tokens to expire.
The original RPCs are still supported in Teleport 13 and will be removed completely for Teleport 14.
Teleport 13 will refuse to create or update users that reference non-existent roles. In some circumstances, older versions of Teleport would permit you to create users and assign them invalid roles. In Teleport 13 this is a hard error.
Quay.io registry was deprecated in Teleport 11 and starting with Teleport 13, Teleport container images are no longer being published to it.
Users should use the public ECR registry: https://goteleport.com/docs/installation/#docker.
Download the current and previous releases of Teleport at https://goteleport.com/download.
Published by r0mant over 1 year ago
Pre-releases are not production ready, use at your own risk!
Download the current and previous releases of Teleport at https://goteleport.com/download.
Published by zmb3 over 1 year ago
This release of Teleport contains multiple improvements and bug fixes.
Download the current and previous releases of Teleport at https://goteleport.com/download.
Published by r0mant over 1 year ago
Warning: This release has a regression issue that can lead to auth server panic on clusters with access requests.
We strongly recommend upgrading to 12.3.2 or newer instead.
This release of Teleport contains a security Go upgrade as well as multiple improvements and bug fixes.
1.20.4
to fix CVE-2023-24539
, CVE-2023-24540
and CVE-2023-29400
. #25506
Connection
header for ALPN connection upgrade. #25411
Download the current and previous releases of Teleport at https://goteleport.com/download.
labels: security-patch=yes
Published by r0mant over 1 year ago
Warning: This release has a regression issue that can lead to auth server panic on clusters with access requests.
We strongly recommend upgrading to 12.3.2 or newer instead.
This release of Teleport contains multiple improvements and bug fixes.
tsh
for non-SSH protocols. #25430
AccessControlListNotSupported
error in HA terraform. #25335
Download the current and previous releases of Teleport at https://goteleport.com/download.
Published by r0mant over 1 year ago
Warning: This release has a regression issue that can lead to auth server panic on clusters with access requests.
We strongly recommend upgrading to 12.3.2 or newer instead.
This release of Teleport contains multiple improvements and bug fixes.
tsh login
with "required" hardware key policy returning "policy not met" error. #24956
tsh ssh
not working when used in rsync -rsh
. #25242
tsh ssh
prompting users for MFA. #25187
tsh ssh
failing to connect over public address with per-session MFA. #25223
tsh scp
failing on some destination paths. #24861
tsh ssh
. #25112
tsh
commands to recognize SSH_
environment variables. #24470
tsh db env
and tsh db config
not recognizing separate MySQL listener. #24827
--set-context
flag to tsh kube login
to allow overriding default context name. #25253
tsh login
. #25300
Download the current and previous releases of Teleport at https://goteleport.com/download.
Published by r0mant over 1 year ago
Pre-releases are not production ready, use at your own risk!
Download the current and previous releases of Teleport at https://goteleport.com/download.
Published by r0mant over 1 year ago
This release of Teleport contains multiple improvements and bug fixes.
discovery_group
support to discovery service to avoid races between multiple services. #24717
--raw
flag to teleport version
command. #24771
exec
commands status not always being correctly returned to clients. #24154
tsh scp
not recognizing wildcard patterns. #24845
tsh scp
failing when max sessions is set to 1. #24845
tsh scp
failing when path contains a colon. #24845
Download the current and previous releases of Teleport at https://goteleport.com/download.
Published by r0mant over 1 year ago
This release of Teleport contains multiple improvements and bug fixes.
--raw
flag to teleport version
command. #24770
exec
clients. #24160
v1.19.8
. #24065
Download the current and previous releases of Teleport at https://goteleport.com/download.