self-hosted/teleport
self-hosted/teleport
1
0
Fork 0
mirror of https://github.com/gravitational/teleport synced 2024-10-23 02:32:39 +00:00
Code Issues Packages Projects Releases Wiki Activity
1725 commits 3232 branches 4179 tags 1.3 GiB
Commit graph

1725 commits

This branch
This branch
All branches
Author SHA1 Message Date
Ev Kontsevoy 7c0897ac79 Merge remote-tracking branch 'origin/master' into ev/tunnels 2016-06-07 13:52:01 -07:00
Roman Tkachenko 213edbf699 Merge pull request #442 from gravitational/roman/error 
Do not lose an error on reverse tunnel startup
 2016-06-06 21:59:28 -07:00
Roman Tkachenko 38470803cc Do not lose an error on reverse tunnel startup 2016-06-06 21:43:29 -07:00
Alexander Klizhentas 75c864b063 Merge pull request #441 from ernado/ernado/linguist 
fix linguist stats for project
 2016-06-02 11:23:51 -07:00
Aleksandr Razumov 43735d4040 fix linguist stats for project 2016-06-02 20:50:30 +03:00
Ev Kontsevoy d928ff02b8 Intermediate commit 2016-06-01 18:56:48 -07:00
Ev Kontsevoy f75a1c8356 Merge remote-tracking branch 'origin/master' into ev/tunnels 2016-06-01 17:12:49 -07:00
Alexander Klizhentas b0ff554d83 Merge pull request #439 from gravitational/ev/logout 
tsh logout implementation
 2016-06-01 17:05:56 -07:00
Ev Kontsevoy 029233b11f tsh logout implementation 
Fixes #420
 2016-06-01 17:02:39 -07:00
Alexander Klizhentas e546e0b815 Merge pull request #438 from gravitational/ev/296 
Proxy HTTPS fixes
 2016-06-01 15:00:39 -07:00
Ev Kontsevoy 44ff78af9f Merge branch 'ev/296' into ev/tunnels 2016-06-01 14:39:21 -07:00
Ev Kontsevoy 0ae6270c05 Proxy HTTPS fixes 
- Self-signed cert is now compatible with Golang HTTP client
- Fixes #296
- Changed the expiration date for self-signed cert
  from 1 to 10 years.
 2016-06-01 14:38:27 -07:00
Ev Kontsevoy f4a4fa628a Intermediate commit 2016-06-01 13:22:00 -07:00
Ev Kontsevoy b7a24e24f2 Merge pull request #436 from gravitational/ev/tunnels 
Some minor improvements
 2016-06-01 12:46:47 -07:00
Ev Kontsevoy cd135b899e Merge remote-tracking branch 'origin/master' into ev/tunnels 
Conflicts:
	tool/tctl/main.go
 2016-06-01 12:39:36 -07:00
Ev Kontsevoy 3b5231da85 Minor changes 
- some unused code removal
- better error messages
 2016-06-01 00:20:58 -07:00
Ev Kontsevoy cddaf6e5c8 Some minor improvements 
- `tctl auth ls` lists all CAs by default
- Documented `authorize_ip` better
 2016-05-31 18:59:07 -07:00
Alexander Klizhentas 5cb821e6d0 Merge pull request #435 from gravitational/ev/https 
Changed how self-signed HTTPS cert is generated
 2016-05-31 18:42:41 -07:00
Ev Kontsevoy ed0948659b Changed how self-signed HTTPS cert is generated 
Fixes #434

Changes:

- Certificate is not "CA" anymore
- Added "*" for CN field
 2016-05-31 18:36:51 -07:00
Alexander Klizhentas afc6f1a549 Merge pull request #433 from gravitational/ev/tctl 
A bunch of configuration fixes.
 2016-05-31 15:45:09 -07:00
Ev Kontsevoy 92b30c3c77 Configuration changes 
1. data_dir is now a global setting in teleport.yaml (instead of being
   inside of "storage" sub-section)

2. changing data_dir in one place causes all of teleport to use it,
   not just bolt backends.

3. moving auth server to listen on non-default ports properly adjusts
   the global auth_servers setting

4. `tctl` now accepts -c flag just like Teleport, so you can pass
   `teleprot.yaml` to it.

Fixes #432
Fixes #431
Fixes #430
 2016-05-31 14:58:55 -07:00
Ev Kontsevoy 721b0af4a5 tctl "clusters" command to control reverse tunnels 
It always existed as undocumentd 'rts' command.
Making it more user friendly and visible

Refs #309
 2016-05-31 12:39:45 -07:00
Ev Kontsevoy 06fa66b574 Removed debugging panics from the code 2016-05-31 11:22:35 -07:00
Alexander Klizhentas 032e743ca6 Merge pull request #428 from gravitational/ev/lock 
Account lock after N unsuccessful login attempts
 2016-05-30 20:31:49 -07:00
Ev Kontsevoy f74cbde928 Replaced "upssert" with "compare & swap" 
...for login attempt counting
 2016-05-30 20:29:48 -07:00
Ev Kontsevoy 0720fbc8c2 Improvements to "max login attempts" feature 
- increasing login attempt is now atomic within a process
- renamed some functions to be less confusing
 2016-05-30 19:11:14 -07:00
Ev Kontsevoy 9f9c586989 Account lock after N unsuccessful login attempts 2016-05-30 16:17:47 -07:00
Alexander Klizhentas c430ea4e5a Merge pull request #427 from gravitational/ev/var 
Permissions adjustment for data dir
 2016-05-30 14:45:34 -07:00
Ev Kontsevoy 9b9c6901a5 Permissions adjustment for data dir 
Teleport's data dir (`/var/lib/teleport` by default) was created using
umask.

Now it's created with `0600` (readable only by Teleport user).
 2016-05-30 14:23:58 -07:00
Alexander Klizhentas e727a2625c Merge pull request #426 from gravitational/ev/c 
SSH to HTTP tunnel improvements
 2016-05-30 14:11:34 -07:00
Ev Kontsevoy c7902c6afe Cleaned up SSH-HTTP tunnel auth integration 2016-05-30 13:52:23 -07:00
Ev Kontsevoy 3f0ba645a2 1st draft at passing SSH user into auth HTTP API 2016-05-30 01:27:33 -07:00
Alexander Klizhentas 1ae4778214 Merge pull request #424 from gravitational/ev/scp 
PR comments - implemented!
 2016-05-27 11:42:50 -07:00
Ev Kontsevoy 7c3b74d8ff PR comments - implemented! 2016-05-27 11:26:48 -07:00
Alexander Klizhentas f6aa265318 Merge pull request #422 from gravitational/ev/scp 
SCP/Exec improvements
 2016-05-27 10:46:14 -07:00
Ev Kontsevoy ee7b1251f2 Exec behaviour is more compatible with OpenSSH 2016-05-26 18:35:49 -07:00
Ev Kontsevoy ce3bbbde3f SCP error messages are proper now 
`tsh scp` now reports the same error messages as OpenSSH scp:

- when talking to Teleport servers
- when talking to OpenSSH servers
 2016-05-26 18:00:40 -07:00
Ev Kontsevoy 48a74fbeca Intermediate commit (scp up/down works agaisnt openSSH servers) 2016-05-26 14:46:56 -07:00
Ev Kontsevoy 6e6e951650 Intermediate commit 2016-05-25 22:33:07 -07:00
Ev Kontsevoy 227c62912e Direct execution of commands via SSH 
Before this commit, command execution was done via "shell -c", now
Teleport executes them directly
 2016-05-25 15:08:39 -07:00
Ev Kontsevoy dc87ef5aec Clean error reporting for SSH exec 
- stdout and stderr are separated
- exit status is inherited by tsh
 2016-05-24 18:00:26 -07:00
Ev Kontsevoy 9c5235ac90 Minor changes 2016-05-23 23:56:45 -07:00
Ev Kontsevoy 2d566ecbe2 Intermediate commit 2016-05-23 15:50:53 -07:00
Ev Kontsevoy 4abc70c024 Merge pull request #421 from gravitational/ev/advertise-ip 
TunClient changes
 2016-05-20 21:56:56 -07:00
Ev Kontsevoy 87b9569ea3 PR stuff, + some Vagrant improvements 2016-05-20 21:41:14 -07:00
Ev Kontsevoy c990b67d12 PR comments incorporated 2016-05-20 21:00:53 -07:00
Ev Kontsevoy 64393d8d27 Fixed tests 2016-05-20 20:09:13 -07:00
Ev Kontsevoy ab278f0a06 TunClient changes 
TunClient always tries to dial the statically configured auth server
first, before trying "discovered" ones.

The rationale is that --auth flag must override whatever dynamic auth
servers have been discovered (because sometimes their IPs are wrong, if
advertise-ip was misconfigured)

Closes #416
Fixes #416
 2016-05-20 19:38:20 -07:00
Ev Kontsevoy d7f756cac1 Auth server heartbeat presence cleanup 2016-05-20 17:14:04 -07:00
Ev Kontsevoy 3055285edd Removed obsolete data files 2016-05-18 09:47:24 -07:00