|
| 1 | +Teleport provides connectivity, authentication, access controls and audit for infrastructure. |
| 2 | + |
| 3 | +Here is why you might use Teleport: |
| 4 | + |
| 5 | +* Set up SSO for all of your cloud infrastructure [1]. |
| 6 | +* Protect access to cloud and on-prem services using mTLS endpoints and short-lived certificates. |
| 7 | +* Establish tunnels to access services behind NATs and firewalls. |
| 8 | +* Provide an audit log with session recording and replay for various protocols. |
| 9 | +* Unify Role-Based Access Control (RBAC) and enforce the principle of least privilege with [access requests](https://goteleport.com/features/access-requests/). |
| 10 | + |
| 11 | +[1] The open source version supports only GitHub SSO. |
| 12 | + |
| 13 | +Teleport works with SSH, Kubernetes, databases, RDP, and web services. |
| 14 | + |
| 15 | +* Architecture: https://goteleport.com/docs/architecture/ |
| 16 | +* Getting Started: https://goteleport.com/docs/getting-started/ |
| 17 | + |
1 | 18 | <div align="center"> |
2 | 19 | <a href="https://goteleport.com/download"> |
3 | | - <img src="./assets/img/hero-teleport-platform.png" width=750/> |
| 20 | + <img src="./assets/img/hero-teleport-platform.svg" width=750/> |
4 | 21 | </a> |
5 | 22 | <div align="center" style="padding: 25px"> |
6 | 23 | <a href="https://goteleport.com/download"> |
|
19 | 36 | </div> |
20 | 37 | </br> |
21 | 38 |
|
22 | | -> Read our Blog: https://goteleport.com/blog/ |
23 | | -
|
24 | | -> Read our Documentation: https://goteleport.com/docs/getting-started/ |
25 | | -
|
26 | 39 | ## Table of Contents |
27 | 40 |
|
28 | 41 | 1. [Introduction](#introduction) |
|
37 | 50 |
|
38 | 51 | ## Introduction |
39 | 52 |
|
40 | | -Teleport is the easiest, most secure way to access all your infrastructure. |
41 | | -Teleport is an identity-aware, multi-protocol access proxy which understands |
42 | | -SSH, HTTPS, RDP, Kubernetes API, MySQL, MongoDB and PostgreSQL wire protocols. |
| 53 | +Teleport includes an identity-aware access proxy, a CA that issues short-lived certificates, a unified access control system and a tunneling system to access resources behind the firewall. |
43 | 54 |
|
44 | | -On the server-side, Teleport is a single binary which enables convenient secure |
45 | | -access to behind-NAT resources such as: |
| 55 | +We have implemented Teleport as a single Go binary that integrates with multiple protocols and cloud services: |
46 | 56 |
|
47 | | -* [SSH nodes](https://goteleport.com/docs/getting-started/) - SSH works in browsers too! |
| 57 | +* [SSH nodes](https://goteleport.com/docs/server-access/introduction/). |
48 | 58 | * [Kubernetes clusters](https://goteleport.com/docs/kubernetes-access/introduction/) |
49 | | -* [PostgreSQL, MongoDB, CockroachDB and MySQL databases](https://goteleport.com/docs/database-access/introduction/) |
50 | | -* [Internal Web apps](https://goteleport.com/docs/application-access/introduction/) |
51 | | -* [Windows Hosts](https://goteleport.com/docs/desktop-access/introduction/) |
52 | | -* [Networked servers](https://goteleport.com/docs/server-access/introduction/) |
53 | | - |
54 | | -Teleport is trivial to set up as a Linux daemon or in a Kubernetes pod. It's rapidly |
55 | | -replacing legacy `sshd`-based setups at organizations who need: |
| 59 | +* [PostgreSQL, MongoDB, CockroachDB and MySQL databases](https://goteleport.com/docs/database-access/introduction/). |
| 60 | +* [Internal Web apps](https://goteleport.com/docs/application-access/introduction/). |
| 61 | +* [Windows Hosts](https://goteleport.com/docs/desktop-access/introduction/). |
| 62 | +* [Networked servers](https://goteleport.com/docs/server-access/introduction/). |
56 | 63 |
|
57 | | -* Developer convenience of having instant secure access to everything they need |
58 | | - across many environments and cloud providers. |
59 | | -* Audit log with session recording/replay for multiple protocols |
60 | | -* Easily manage trust between teams, organizations and data centers. |
61 | | -* Role-based access control (RBAC) and flexible access workflows (one-time [access requests](https://goteleport.com/features/access-requests/)) |
| 64 | +You can set up Teleport as a [Linux daemon](https://goteleport.com/docs/#set-up-a-demo-cluster) or a [Kubernetes deployment](https://goteleport.com/docs/deploy-a-cluster/helm-deployments/). |
62 | 65 |
|
63 | | -In addition to its hallmark features, Teleport is interesting for smaller teams |
64 | | -because it facilitates easy adoption of the best infrastructure security |
65 | | -practices like: |
| 66 | +Teleport focuses on best practices for infrastructure security: |
66 | 67 |
|
67 | | -- No need to manage shared secrets such as SSH keys: Teleport uses certificate-based access with automatic certificate expiration time for all protocols. |
| 68 | +- No need to manage shared secrets such as SSH keys or Kubernetes tokens: it uses certificate-based auth with certificate expiration for all protocols. |
68 | 69 | - Two-factor authentication (2FA) for everything. |
69 | 70 | - Collaboratively troubleshoot issues through session sharing. |
70 | 71 | - Single sign-on (SSO) for everything via GitHub Auth, OpenID Connect, or SAML with endpoints like Okta or Active Directory. |
71 | 72 | - Infrastructure introspection: Use Teleport via the CLI or Web UI to view the status of every SSH node, database instance, Kubernetes cluster, or internal web app. |
72 | 73 |
|
73 | | -Teleport is built upon the high-quality [Golang SSH](https://godoc.org/golang.org/x/crypto/ssh) |
74 | | -implementation. It is _fully compatible with OpenSSH_, |
75 | | -`sshd` servers, and `ssh` clients. |
| 74 | +Teleport uses [Go crypto](https://godoc.org/golang.org/x/crypto). It is _fully compatible with OpenSSH_, `sshd` servers, and `ssh` clients, Kubernetes clusters and more. |
76 | 75 |
|
77 | 76 | |Project Links| Description |
78 | 77 | |---|---- |
|
0 commit comments