Add additional Teleport nodes

When adding additional teleport nodes for SSH, the documentation points to running the command line rather than setting up a Linux service, which will run in the background and survive a reboot. The following steps will act as a reminder on how to add additional nodes for SSH.

tctl nodes add

The "tctl nodes add" command provides a time-bound token for a node to use so that the master accepts the request. As I run the main teleport server within docker, you need to execute this command within the docker container.

and then

On the new server, perform the following:-

  • Visit the Teleport download page and right-hand click and copy the latest version for your server (e.g. Ubuntu is Linux 64-bit DEB)
  • SSH into the node and download the .deb file

wget https://get.gravitational.com/teleport_8.0.1_amd64.deb

  • Install the .deb, which will update the previous version

dpkg -i teleport_8.0.1_amd64.deb

  • Check the version of Teleport client

tctl version

Create a new configuration file /etc/teleport.yaml and add the following values and replacing the fields within < brackets > with actuals values taken from the tctl nodesadd command.

teleport:
  nodename: <node-name>
  data_dir: /var/lib/teleport
  auth_token: <your-auth-token>
  auth_servers:
    - <your-fqdn>:3025
  log:
  output: stderr
  severity: INFO
  ca_pin: <your-ca-pin-hash>
auth_service:
  enabled: no
ssh_service:
  enabled: yes
proxy_service:
  enabled: no

Start the teleport service with the command:

Sudo systemctl enable –now teleport

If everything works successfully, you should be able to see the new node in the teleport proxy server.