Teleport 2.0.1

Description

Teleport 2.0.1 is a major new release of Teleport.

Teleport is a modern SSH server for remotely accessing clusters of Linux servers via SSH or HTTPS. It is intended to be used instead of sshd. Teleport enables teams to easily adopt SSH best practices like: certificate-based access, two-factor authentication, session recording and audit, external identity providers, and much more.

New Features

• Role-based access control (RBAC) (available in Teleport Enterprise).
• Dynamic configuration: manage resources like Roles and Trusted Clusters at runtime (available in Teleport Enterprise).
• Native support for DynamoDB back-end for storing cluster state.
• It is now possible to disable Two-Factor Authentication (2FA).
• Support for Time-based One-time Password Algorithm (TOTP) for Two-Factor Authentication.
• New and easy to use framework for implementing secret storage plug-ins.
• Audit log format has been finalized and documented.
• Experimental simple file-based secret storage back-end.
• SSH agent forwarding (available in Teleport Enterprise).
• Dynamic Roles for external identity providers (available in Teleport Enterprise).
• Added the ability to map claims to roles for external identity providers (available in Teleport Enterprise).

Improvements

• Friendlier CLI error messages.
• Improvements to OpenSSH interoperability including:
  • Host Certificates now contain DNS names as well as Teleport IDs.
  • Corrected export formats for Certificate Authorities.
  • tsh login and tsh agent now support loading keys into external SSH agents.
  • Improvements and fixes for Ansible integration.
• Server-side enforceable authentication.
• Enhanced OIDC functionality to support parsing UserInfo for claims information.

Full list of Github Issues

• https://github.com/gravitational/teleport/milestone/8?closed=1
• https://github.com/gravitational/teleport/milestone/12?closed=1