teleport

Description

This release of Teleport contains multiple improvements and bug fixes.

• Fixed compatibility issue with agents connected to older auth servers. #12728
• Fixed issue with TLS routing endpoint advertising preference for http/1.1 over h2. #12749
• Implemented multiple proxy restart stability improvements. #12632, #12488, #12689
• Improved compatibility with PuTTY. #12662
• Added support for global tsh config file /etc/tsh.yaml. #12626
• Added tbot configure command. #12576
• Fixed issue with Desktop Access not working in Teleport Cloud. #12781
• Improved Web UI performance in large clusters. #12637
• Fixed issue with running MySQL stored procedures via Database Access. #12734

Download

Download the current and previous releases of Teleport at https://gravitational.com/teleport/download.

Description

This release of Teleport contains multiple improvements and bug fixes.

• Fixed issue with Teleport inadvertently respecting HTTP_PROXY for reverse tunnel connections. #12335
• Fixed issue with tctl users rm treating provided username as a prefix instead of full username. #12726
• Fixed issue with TLS routing endpoint advertising http/1.1 preference instead of h2. #12752
• Implemented multiple proxy restart stability improvements. #12633, #12545, #12693
• Added support for global tsh config file /etc/tsh.yaml. #12625
• Upgraded Go to v1.17.10. #12601
• Improved proxy memory usage in large clusters. #12571

Download

Download the current and previous releases of Teleport at https://gravitational.com/teleport/download.

Description

This release of Teleport contains multiple performance and stability improvements.

• Fixed issue with broken SSH connectivity after CA rotation. #12334
• Fixed issues with bulk deletions when using Firestore backend. #12175
• Improved reliability of auth/proxy services restart. #12546, #12634, #12561
• Improved reliability of the internal cache system. #12245, #12249
• Improved proxy service memory usage in large clusters. #12562

Download

Download the current and previous releases of Teleport at https://gravitational.com/teleport/download.

Description

This release of Teleport contains multiple improvements and bug fixes.

• Fixed issue with HTTP_PROXY being inadvertently respected in reverse tunnel connections. #12335
• Added --format flag to tctl token add command. #12588
• Fixed backwards compatibility issues with session upload. #12535
• Added support for persistency in custom mode in Helm charts. #12218
• Fixed issue with PostgreSQL backend not respecting username from certificate. #12553
• Fixed issues with kubectl cp and kubectl exec not working through Kubernetes Access. #12541
• Fixed issues with dynamic registration logic for cloud databases. #12451
• Fixed issue with automatic Add Application script failing to join the cluster. #12539
• Fixed issue with tctl crashing when PAM is enabled. #12572
• Added support for setting priority class and extra labels in Helm charts. #12568
• Fixed issue with App Access JWT tokens not including iat claim. #12589
• Added ability to inject App Access JWT tokens in rewritten headers. #12589
• Desktop Access automatically adds a teleport.dev/ou label for desktops discovered via LDAP. #12502
• Updated Machine ID to generates identity files compatible with tctl and tsh. #12500
• Updated internal build infrastructure to Go 1.17.10. #12607
• Improved proxy memory usage in clusters with large number of nodes. #12573

Download

Download the current and previous releases of Teleport at https://gravitational.com/teleport/download.

Description

This release of Teleport contains multiple bug fixes and stability improvements.

• Fixed issue with broken SSH connectivity after CA rotation. #12332
• Fixed issue with tsh db ls not working for leaf clusters. #12319
• Fixed issue with labels matching for dynamic databases. #12452
• Fixed issue with resource listing not respecting limit. #12501
• Improved DynamoDB pay-per-request mode support. #12460
• Improved expiration handling in the internal caching system. #12246
• Improved reliability of restart/shutdown in certain scenarios. #12394

Download

Download the current and previous releases of Teleport at https://gravitational.com/teleport/download.

Teleport Connect is a developer-friendly browser for cloud infrastructure.

Traditional terminals are optimized for accessing localhost. Teleport Connect offers enhanced user experience and identity-based access for engineers who work in the cloud.

Teleport Connect requires an installation of Teleport. Download Teleport here, and download Teleport Connect below.

The preview of Teleport Connect is available for amd64 Macs only. It also works on M1 Macs with Rosetta. Support for additional platforms and architectures will be added soon.

Changelog

• 🐛 fix for TOTP authenticators
• ⬆️ bundle tsh v9.2.1

Notes

• Per-session MFA is not currently supported
• Connecting to databases requires a cluster running Teleport 9.1 or newer
• Shared SSH sessions and SCP are not yet supported.

Description

This release of Teleport contains multiple improvements, security and bug fixes.

• Updated tctl rm command to support removing tokens. #12439
• Fixed issue with Teleport failing to start when using DynamoDB backend in pay-per-request mode. #12461
• Fixed issue with Kubernetes port forwarding not working. #12468
• Fixed issue with IAM policy limit when using database auto-discovery on Kubernetes. #12457
• Fixed issue with U2F facets not being properly validated. #12208
• Hardened SQLite permissions. #12360
• Fixed issue with OIDC callback not checking email_verified claim. #12360
• Added max_kubernetes_connections role option for limiting simultaneous Kubernetes connections. #12360
• Fixed issue with Teleport failing to start with pay-per-request DynamoDB mode. #12360
• Reduced Machine ID verbosity in case of missing secure symlink kernel support. #12423
• Fixed tsh proxy db tunnel mode not working for CockroachDB connections. #12400
• Added support for database access certificates in Machine ID. #12195
• Improved shutdown/restart stability in certain scenarios. #12393
• Added support for clickable labels in web UI. #12422

Download

Download the current and previous releases of Teleport at https://gravitational.com/teleport/download.

Description

This release of Teleport contains multiple improvements and bug fixes.

• Fixed issue with some MySQL clients not being able to connect to MySQL 8.0 servers. #12340
• Fixed multiple conditions that could lead to SSH sessions freezing. #12286
• Fixed issue with tsh db ls failing for leaf clusters. #12320
• Fixed a scenario in which Teleport's internal cache could potentially become unhealthy. #12251, #12002
• Improved performance when opening new Application Access sessions. #12300
• Added flags to the teleport configure command. #12267
• Improved CA rotation stability. #12333
• Fixed issue with mongosh certificate verification when using TLS routing. #12363

Download

Download the current and previous releases of Teleport at https://gravitational.com/teleport/download.

Teleport Connect is a developer-friendly browser for cloud infrastructure.

Traditional terminals are optimized for accessing localhost. Teleport Connect offers enhanced user experience and identity-based access for engineers who work in the cloud.

Teleport Connect requires an installation of Teleport. Download Teleport here, and download Teleport Connect below.

The preview of Teleport Connect is available for amd64 Macs only. It also works on M1 Macs with Rosetta. Support for additional platforms and architectures will be added soon.

Known Issues

• Multi-factor authentication with time-based OTP codes does not work in this release.
• TouchID is not yet supported.
• Shared SSH sessions and SCP are not yet supported.

Description

This release of Teleport contains several improvements and bug fixes.

• Fixed issue with Teleport failing to restart after failed UUID generation. #12223
• Fixed regression issue with Teleport inadvertently starting to respect HTTP_PROXY for reverse tunnel connections. #11990
• Added extra flags to the teleport configure command. #12265
• Fixed issue with Teleport pods not becoming ready when running in Kubernetes. #12242
• Fixed issue with deleting many expired audit events when using Firestore backend. #12176
• Fixed issue where remote cluster cache could become unhealthy in certain situations. #12250

Download

Download the current and previous releases of Teleport at https://gravitational.com/teleport/download.

Description

This release of Teleport contains two bug fixes.

• Fixed issue with Teleport pods not becoming ready on Kubernetes. #12243
• Fixed issue with Teleport processes crashing upon restart after failed host UUID generation. #12222

Download

Download the current and previous releases of Teleport at https://gravitational.com/teleport/download.

Description

This release of Teleport contains multiple bug fixes and improvements.

• Fixed regression issue where reverse tunnel connections inadvertently started respecting HTTP_PROXY. #12035
• Fixed potential deadlock in SSH server. #12122
• Fixed issue with Kubernetes service not reporting its readiness. #12152
• Fixed issue with JumpCloud identity provider. #11936
• Fixed issue with deleting many records from Firestore backend. #12177

Download

Download the current and previous releases of Teleport at https://gravitational.com/teleport/download.

Description

This release of Teleport contains multiple bug fixes and stability improvements.

• Made relogin attempts use strongest auth method. #11848
• Fixed issue with key principals not being used when using identity files. #11792
• Added gRPC latency metrics for auth and proxy services. #11776
• Fixed potential panic in CA rotation. #12107
• Fixed issue with Kubernetes services not reporting its readiness. #12153
• Added ability to sign database credentials with tctl auth sign. #12044
• Fixed issue with Database service not reporting readiness when using dynamic registration. #12041
• Fixed issue with connecting to self-hosted databases in insecure mode. #11759
• Updated tsh db ls to display available users. #11941
• Fixed issue with deleting MFA devices with / in names. #12081
• Updated Go to v1.17.9. #11933
• Fixed Okta OIDC connector. #11718
• Fixed goroutine leak in Okta OIDC client. #12077

Download

Download the current and previous releases of Teleport at https://gravitational.com/teleport/download.

Description

This release of Teleport contains multiple bug fixes and stability improvements.

• Fixed issue with message of the day not showing up in all scenarios. #11372
• Fixed issue with Kubernetes Access panicking in some cases. #12143
• Improved Teleport process reload reliability when sending SIGHUP. #11455
• Improved in-memory and SQLite cache reliability. #11660
• Fixed potential panic during CA rotation. #12108
• Fixed console player Ctrl-C and Ctrl-D functionality. #11559
• Improved error message when joining to cluster with another cluster's state. #11753
• Improved error message when using incorrect auth connector. #11886
• Fixed issue with not being able to delete MFA devices with / in names. #12109
• Fixed race condition in tsh player. #11491
• Fixed Okta OIDC support. #11718
• Multiple reverse tunnel stability improvements. #11201
• Improved network utilization with session uploader. #11696
• Improved remote clusters bookkeeping. #11705
• Fixed goroutine leak in OIDC client. #12076

Download

Download the current and previous releases of Teleport at https://gravitational.com/teleport/download.

Description

Teleport 9.1 is a minor release that brings several new features, security and bug fixes.

Security

Teleport build infrastructure was updated to use Go v1.17.9 to fix CVE-2022-24675, CVE-2022-28327 and CVE-2022-27536.

SQL backend (preview)

Teleport users can now use PostgreSQL or CockroachDB for storing auth server data.

See the documentation for more information:

https://goteleport.com/docs/setup/reference/backends/#postgresqlcockroachdb-preview

Server-side filtering and pagination

Searching and filtering resources is now handled on the server, improving the efficiency of queries with tsh, tctl, or the web UI.

The web UI loads resources faster by leveraging server-side pagination. Additionally, the web UI supports bookmarking searches by including the query in the URL.

Other improvements and fixes

• Fixed issue with stdin being ignored after refreshing expired credentials. #11847
• Fixed issue with tsh requiring host login when using identity files for some commands. #11793
• Added support for calling proxy over plain HTTP in insecure mode. #11403
• Fixed multiple issues that could lead to sessions output freezing. #11853
• Added optional gRPC client/server latency metrics. #11773
• Fixed issue with connecting to self-hosted databases in TLS insecure mode. #11758
• Improved error message when incorrect auth connector name is used. #11884
• Implemented multiple moderated session stability improvements. #11803, #11890
• Added authenticated tunnel mode to tsh proxy db command. #11808
• Fixed issue with application sessions not being deleted upon web logout. #11956
• Improved MySQL audit logging to include support for additional commands. #11949
• Improved reliability of Teleport services restart. #11795
• Fixed issue with Okta OIDC auth connector not working. #11718
• Added support for json and yaml formatting to all tsh commands. #12050
• Added support for setting kubernetes_users, kubernetes_groups, db_names, db_users and aws_role_arns traits when creating users. #12133
• Fixed potential CA rotation panic. #12004
• Updated tsh db ls to display allowed database usernames. #11942
• Fixed goroutine leak in OIDC client. #12078

Download

Download the current and previous releases of Teleport at https://gravitational.com/teleport/download.

Description

This release of Teleport contains multiple improvements and fixes.

• Fixed issue with : not being allowed in label keys. #11563
• Fixed potential panic in Kubernetes Access. #11614
• Added teleport_connect_to_node_attempts_total Prometheus metric. #11629
• Multiple CA rotation stability improvements. #11658
• Fixed console player Ctrl-C and Ctrl-D functionality. #11559
• Improved logging in case of node with existing state joining an new cluster. #11751
• Added preview of PostgreSQL/CockroachDB backend. #11667
• Fixed compatibility issues with CA loading between old and new tsh versions. #11663
• Fixed loggers not respecting JSON configuration. #11655
• Added support for Proxy Protocol v2. #11722
• Fixed a number of tsh player stability issues. #11491
• Improved network utilization caused by session uploader. #11698
• Improved remote clusters inventory bookkeeping. #11707

Download

Download the current and previous releases of Teleport at https://gravitational.com/teleport/download.

Description

This release of Teleport contains multiple fixes and improvements.

• Fixed issue with tctl not respecting TELEPORT_HOME environment variable. #11560
• Fixed issue with : not being allowed in label keys. #11562
• Fixed issue with panic in Kubernetes access in certain cases. #11611
• Added connect_to_node_attempts_total metric that tracks number of connection attempts to SSH nodes. #11630
• Multiple CA rotation stability improvements. #11659
• Fixed multiple session player issues. #11559, #11491
• Fixed issue with tsh version exiting with error when no tsh config is present. #11727
• Fixed issue with the logger not respecting JSON config. #11602
• Fixed issue with stale Auth Service entries causing connection issues. #11597
• Fixed issue with remote cluster without reverse tunnels not being cleaned up. #11435

Download

Download the current and previous releases of Teleport at https://gravitational.com/teleport/download.

Description

This release of Teleport contains multiple fixes.

• Fixed issue with tctl ignoring TELEPORT_HOME environment variable. #11561
• Fixed multiple moderated sessions stability issues. #11494
• Fixed issue with tsh version exiting with error when tsh config file is not present. #11571
• Fixed issue with tsh not respecting proxy hosts. #11496
• Fixed issue with Kubernetes forwarder taking HTTP proxies into account. #11462
• Fixed issue with stale DynamoDB Auth Services disrupting agent reconnect attempts. #11598

Download

Download the current and previous releases of Teleport at https://gravitational.com/teleport/download.

Description

This release of Teleport contains multiple fixes.

• Fixed issue with message of the day not being displayed in some cases. #11371
• Fixed issue with automatic node join script returning 404 in web UI. #11572
• Fixed issue with tsh proxy jump not connecting to leaf proxy. #11497

Download

Download the current and previous releases of Teleport at https://gravitational.com/teleport/download.

Description

This release of Teleport contains multiple features, improvements and fixes.

• Added HTTP_PROXY support to tsh. #10209
• Added support for per-user tsh configuration preferences. #10336
• Added automatic node joining wizard to OSS. #10288
• Improved Desktop Access performance by fixing memory leaks and bitmap optimizations. #10915
• Improved Desktop Access to support proxying to different desktops. #10101
• Improved Application Access HA behavior when accessing applications within a leaf cluster. #10734
• Improved Database Access log spam and automatic discovery. #11020 #10699
• Improved error messages when host is missing in tctl auth sign. #10588
• Improved X11 forwarding support on macOS. #10719
• Fixed multiple issues with CA rotation, graceful restart, and stability. #10706 #11074 #11283
• Fixed an issue where users could create system roles. #8924
• Fixed an issue where an invalid event could lead to the Audit Log being inaccessible to view. #10665
• Fixed an issue with lease contention and concurrent session control. #10666
• Fixed an issue where Teleport could panic during a session recording. #10792
• Fixed an issue where tctl auth sign was creating a kubeconfig file incompatible with Teleport Cloud. #10844
• Fixed an issue where Teleport would not regenerate server identity for Kubernetes Access. #10904
• Fixed an issue where tsh would not deduplicate Access Request IDs. #9453
• Fixed an issue where tsh would not respect TELEPORT_HOME #11087
• Fixed an issue where tsh aws ecr could return Internal Server. #10475
• Fixed an memory leak in the Teleport watcher system. #10871
• Fixed an issue where certain resources could not be deleted. #11124

Download

Download the current and previous releases of Teleport at https://gravitational.com/teleport/download.