self-hosted/teleport
self-hosted/teleport
1
0
Fork 0
mirror of https://github.com/gravitational/teleport synced 2024-10-20 17:23:22 +00:00
Code Issues Packages Projects Releases Wiki Activity
teleport/lib
History
Alan Parra d218fd2625
Implement macOS device enrollment methods (#19079) 
Implement native macOS methods required by device enrollment, namely methods to
Create/Get the device key, Sign challenges with it, and to collect device data
(aka serial number).

The implementation is rather similar to lib/auth/touchid, but simpler in a few
aspects:

1. Device keys don't require user interaction (as in they don't cause a touch ID
   prompt); and
2. There exists, at most, a single device key at all times.

I've added a tiny refactor to reuse Apple public key parsing from touchid, plus
some changes so touchid doesn't break in the face of unexpected keys (which the
device key didn't cause, per se, but my experiments getting to it did).

gravitational/teleport.e#514
2022-12-07 18:11:21 +00:00
..
asciitable PR Buddy 16673 - fix(asciitable): Default maxCellLength to 0 if negative (#17777) 2022-10-25 14:45:26 +01:00
auditd Do not return error from Auditd when process lacks privileges (#17319) 2022-10-17 18:27:24 +00:00
auth Implement macOS device enrollment methods (#19079) 2022-12-07 18:11:21 +00:00
backend Improve error message if dialing etcd nodes times out (#18789) 2022-11-28 18:40:24 +00:00
benchmark Enable GCI linter (#17894) 2022-10-28 20:20:28 +00:00
bpf Add server_hostname to session.* events (#18812) 2022-11-28 20:28:41 +00:00
cache Remove legacy heartbeat from Kubernetes Service (#18876) 2022-12-01 13:16:41 +00:00
cgroup Enable GCI linter (#17894) 2022-10-28 20:20:28 +00:00
circleci CircleCI Secure Joining (#17626) 2022-11-01 12:15:10 +00:00
client Add --apply-on-starup flag (#19009) 2022-12-06 15:50:52 +00:00
cloud AWS Redshift Serverless engine support (#18651) 2022-12-01 15:36:48 +00:00
config Add --apply-on-starup flag (#19009) 2022-12-06 15:50:52 +00:00
configurators Fixes for ec2 discovery installer script on legacy ubuntu and fixes for teleport discovery bootstrap (#18775) 2022-12-01 14:37:20 +00:00
darwin Implement macOS device enrollment methods (#19079) 2022-12-07 18:11:21 +00:00
defaults Clean up defaults (#18860) 2022-11-30 15:50:29 +00:00
devicetrust Implement macOS device enrollment methods (#19079) 2022-12-07 18:11:21 +00:00
events Add a new usage reporter (#18142) 2022-12-05 17:13:54 +00:00
fixtures Enable GCI linter (#17894) 2022-10-28 20:20:28 +00:00
fuzz Cleanup lint targets 2021-10-19 09:21:55 -06:00
githubactions CircleCI Secure Joining (#17626) 2022-11-01 12:15:10 +00:00
httplib Update Referrer-Policy response header to strict-origin (#19114) 2022-12-06 22:07:02 +00:00
inventory Enable GCI linter (#17894) 2022-10-28 20:20:28 +00:00
joinserver Enable GCI linter (#17894) 2022-10-28 20:20:28 +00:00
jwt feat: add GCP KMS support for Teleport CA key material (#17933) 2022-11-11 00:03:49 +00:00
kube Fixes dissonance between disconnect_expired_cert vs require_session_mfa (#18607) 2022-12-07 17:00:38 +00:00
kubernetestoken Kubernetes joinMethod (#18659) 2022-12-02 20:30:52 +00:00
labels Enable GCI linter (#17894) 2022-10-28 20:20:28 +00:00
limiter Enable GCI linter (#17894) 2022-10-28 20:20:28 +00:00
modules Add recovery codes flag to modules and web config (#19046) 2022-12-06 18:07:33 +00:00
multiplexer Use pre-generated RSA keys in tests (#18750) 2022-12-05 19:33:49 +00:00
observability Enable GCI linter (#17894) 2022-10-28 20:20:28 +00:00
pam Run GCI as make fix-imports (#17956) 2022-11-04 15:46:46 +00:00
plugin Add recovery codes flag to modules and web config (#19046) 2022-12-06 18:07:33 +00:00
prehog Add a new usage reporter (#18142) 2022-12-05 17:13:54 +00:00
proxy Use pre-generated RSA keys in tests (#18750) 2022-12-05 19:33:49 +00:00
restrictedsession Add server_hostname to session.* events (#18812) 2022-11-28 20:28:41 +00:00
reversetunnel Fix web ssh session with proxy recording mode (#18910) 2022-12-02 19:45:02 +00:00
secret Enable GCI linter (#17894) 2022-10-28 20:20:28 +00:00
service Prepare sql server kinit authorization (#18299) 2022-12-06 22:55:20 +00:00
services Fixes dissonance between disconnect_expired_cert vs require_session_mfa (#18607) 2022-12-07 17:00:38 +00:00
session Generate new session on new ssh websocket connection. (#18523) 2022-11-28 21:26:57 +00:00
shell Enable GCI linter (#17894) 2022-10-28 20:20:28 +00:00
srv Fixes dissonance between disconnect_expired_cert vs require_session_mfa (#18607) 2022-12-07 17:00:38 +00:00
sshca Fixes dissonance between disconnect_expired_cert vs require_session_mfa (#18607) 2022-12-07 17:00:38 +00:00
sshutils Security Response Header Uniformity Improvements (#18951) 2022-12-06 00:56:59 +00:00
system CircleCI Secure Joining (#17626) 2022-11-01 12:15:10 +00:00
tbot Use pre-generated RSA keys in tests (#18750) 2022-12-05 19:33:49 +00:00
teleagent Enable GCI linter (#17894) 2022-10-28 20:20:28 +00:00
teleterm Connect: Detect & reissue expired db certs (#17950) 2022-12-06 12:32:04 +01:00
tlsca Fixes dissonance between disconnect_expired_cert vs require_session_mfa (#18607) 2022-12-07 17:00:38 +00:00
utils Use pre-generated RSA keys in tests (#18750) 2022-12-05 19:33:49 +00:00
versioncontrol Enable GCI linter (#17894) 2022-10-28 20:20:28 +00:00
web Update Referrer-Policy response header to strict-origin (#19114) 2022-12-06 22:07:02 +00:00
runtimeflags.go Correct various typos 2017-10-20 10:20:26 +02:00