When adding additional Teleport nodes for SSH, the documentation points to running Teleport from the command line rather than setting it up as a Linux service, which runs in the background and survives a reboot. The following steps act as a reminder of how to add additional nodes for SSH.
The "tctl nodes add" command provides a time-bound token for a node to use so that the master accepts the request. As I run the main Teleport server within Docker, you need to execute this command within the Docker container.
and then
On the new server, perform the following:
wget https://get.gravitational.com/teleport_8.0.1_amd64.deb
dpkg -i teleport_8.0.1_amd64.deb
tctl version
Create a new configuration file /etc/teleport.yaml with the following values, replacing the fields within < brackets > with the actual values taken from the output of the "tctl nodes add" command.
teleport:
  nodename: <node-name>
  data_dir: /var/lib/teleport
  # Time-bound join token from "tctl nodes add"
  auth_token: <your-auth-token>
  auth_servers:
    - <your-fqdn>:3025
  log:
    output: stderr
    severity: INFO
  # CA pin from "tctl nodes add"; lets the node verify the auth server
  ca_pin: <your-ca-pin-hash>
auth_service:
  enabled: no
ssh_service:
  enabled: yes
proxy_service:
  enabled: no
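Before starting the service, it is worth checking the file you just wrote. The script below is an added example, not part of the original post or of Teleport itself: a pre-flight check for the configuration above, with a hypothetical function name, assuming the key layout, the yes/no values and the space indentation shown on this page.

```shell
#!/bin/sh
# Added example: pre-flight check for /etc/teleport.yaml before starting the node.
# Assumes the key layout shown on this page and space indentation; it is a
# grep-level check, not a YAML parser. The function name is hypothetical.
check_teleport_config() {
    cfg=$1
    rc=0
    fail() { echo "FAIL: $1" >&2; rc=1; }

    [ -r "$cfg" ] || { echo "FAIL: cannot read $cfg" >&2; return 2; }

    # The file holds the join token: group and other must have no access.
    mode=$(stat -c '%a' "$cfg")   # GNU stat, as on the Debian/Ubuntu target
    case $mode in
        *00) ;;
        *) fail "mode $mode exposes the join token to group/other (want 600)" ;;
    esac

    # A leftover <placeholder> means a value from 'tctl nodes add' was missed.
    if grep -Eq '<[^>]+>' "$cfg"; then
        fail "unreplaced <placeholder> values remain"
    fi

    # ca_pin must look like sha256:<64 hex digits>; without a valid pin the
    # node cannot verify the auth server it is joining.
    pin=$(sed -n 's/^ *ca_pin: *//p' "$cfg" | tr -d "\"' ")
    printf '%s\n' "$pin" | grep -Eq '^sha256:[0-9a-f]{64}$' ||
        fail "ca_pin missing or not sha256:<64 hex digits>"

    # This is an SSH-only node: auth and proxy stay off, ssh is on.
    for want in auth_service:no ssh_service:yes proxy_service:no; do
        svc=${want%%:*}
        val=${want##*:}
        got=$(awk -v s="$svc:" '/^[^ ]/ {f=($1==s)}
            f && $1=="enabled:" {print $2; exit}' "$cfg")
        [ "$got" = "$val" ] || fail "$svc enabled='${got:-unset}', want '$val'"
    done
    return $rc
}
```

Source the script and run `check_teleport_config /etc/teleport.yaml` as root; a non-zero return means at least one FAIL line was printed to stderr.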
Start the teleport service with the command:
sudo systemctl enable --now teleport
If everything works successfully, you should be able to see the new node in the teleport proxy server.