teleconsole icon indicating copy to clipboard operation
teleconsole copied to clipboard

Published 20 hours ago verified publisher icon gravitational

Instructions on how to setup a teleport bastion

Open thinxer opened this issue 9 years ago • 10 comments

The README says that users can self host a teleport bastion (instead of teleconsole.com) for use with teleconsole. However, I don't find any instructions on teleport's repo. Am I missing something?

I tried running teleport start and connecting teleconsole to localhost:3080 and got "404 Not Found" error. I'm using teleport v1.1.0 and latest version of teleconsole.

thinxer avatar Sep 20 '16 05:09 thinxer

@thinxer for private bastion you basically do not need Teleconsole, you simply use Teleport as-is, I have expanded the doc here: https://www.teleconsole.com/using/#using-private-proxies

Some of this is on this video: https://www.youtube.com/watch?v=bprRpX-4R_0

Teleconsole basically automates the creation of a teleport instance on the server side, but if you're using a private server, you don't need to "create" it - just install teleport, add your machine to it and connect with tsh.

kontsevoy avatar Sep 29 '16 05:09 kontsevoy

@kontsevoy Thanks for the reply. My use case is more like Teleconsole than Teleport. My nodes are ephemeral VMs created by random users. It would not be possible to use Teleport to manage the nodes and users. Shared SSH on-demand like Teleconsole is exactly what I need.

thinxer avatar Sep 29 '16 13:09 thinxer

@thinxer I see. Let me untangle our server scripts from the rest of the infrastructure and I'll create "example" directory or something. Will take a few days though.

kontsevoy avatar Sep 29 '16 20:09 kontsevoy

Interested in this as well. Looking forward to the "example" directory!

Fastidious avatar Feb 02 '17 14:02 Fastidious

This is very similar to my request at gravitational/teleport#803. I think a way to set up teleport nodes to create reverse ssh tunnels without the added burden of setting up a cluster at every single site could satisfy this use case.

zbuttram avatar Mar 01 '17 16:03 zbuttram

any update on this? I'm also interested in running my own teleconsole proxy server. Just instead on teleconsole.com on my own infrastructure.

smurfy avatar Jun 07 '18 11:06 smurfy

@smurfy I have started looking into Teleport chages since Teleconsole was released. The path I'm going is to add the server component to Teleconsole repo (or create another open repo here). No ETA yet, but that's the idea.

kontsevoy avatar Jun 14 '18 01:06 kontsevoy

I wanted to say things for all your work thus far. I would love to see a server side feature so users could run their own "teleconsole.com" registration endpoint. Thanks again!

endzyme avatar Sep 14 '18 16:09 endzyme

Hey just wanted to drop a quick update for everybody on this feature. The latest thinking is to add teleconsole.com functionality to Teleport itself. This also explains the relative lack of activity in this repo. I will be updating tickets here though so you can keep watching them for updates.

kontsevoy avatar Sep 14 '18 23:09 kontsevoy

@kontsevoy anything new on this?

I tried to configure everything following the documentation you've provided but the whole doc seems very confusing to me, first of all teleport command does not have --proxy flag (step 4.), second if I try to connect to localhost I'm constantly getting access denied error, so could you please tell me what am I doing wrong? Thanks

psyhomb avatar Nov 23 '19 22:11 psyhomb