Learning how to install Teleport on Ubuntu 22.04 is an essential practice to safeguard your system. We’re here to help you do just that, so read on!
Security and reliability are critically important aspects of any system. For this reason, Linux is considered a perfect platform owing to its stability, security, and efficiency. We're here to learn more about Teleport, which is essentially a certification authority, along with the methods to install and use it on Ubuntu.
What is Teleport Utility?
The Teleport utility is available for several operating systems such as Unix-based systems, Windows, and macOS. It is written in Go and can be used on any system the Go toolchain supports. It is an open-source tool, and you can establish a single sign-on system with it.
It primarily serves as a certification authority and access plane such that you can access different applications via single sign-on. These applications include but are not limited to Kubernetes, SSH shell, database, desktop, and web applications.
If you are accessing these services via different web servers with SSH, you can tie them all together with a single sign-on service using Teleport. In addition, it enables you to interact with and record your sessions in various environments.
The following are some of the features of Teleport: server access, application access, Kubernetes access, database access, desktop access, cloud, and enterprise.
How to Install Teleport on Ubuntu 22.04
In the next few paragraphs, we will discuss Teleport’s installation process.
Prerequisites
Before starting the installation of Teleport, there are certain prerequisites you have to take note of:
- A valid domain name to access the Teleport web interface.
- At least 8GB of random access memory (RAM) and three central processing unit (CPU) cores.
- Recommended to test first on a clean system.
- The server has to have a fully qualified domain name (FQDN) and be configured to be accessible from other nodes.
- Administrative rights to perform the installation.
- Port 443 open and SSL installed on your system.
- Access to a DNS service such as AWS Route 53 or CoreDNS.
Downloading GPG’s signing key
Teleport is not installed on Ubuntu by default, and it is not part of the official Ubuntu repository; it has a dedicated repository instead. APT checks packages from that repository against the repository's GPG signing key, so you must import the Teleport GPG key before installing.
You can use the following command to import the GPG key into your system:
$ curl https://deb.releases.teleport.dev/teleport-pubkey.asc | sudo apt-key add -
Add the Teleport repository
In the next step, we will add Teleport’s repository to your system. For this purpose, use the following command:
$ sudo add-apt-repository 'deb https://deb.releases.teleport.dev/ stable main'
Update apt repository
Now, you need to update the system package index. The following command illustrates that:
$ sudo apt update
The above command will refresh the APT package index.
Install Teleport
Now, you can install Teleport on your system.
Input:
$ sudo apt-get install teleport
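On Ubuntu 22.04 `apt-key` is deprecated, and a key added with it is trusted for every configured repository. The following is an added example, not part of the original guide, that installs the same key as a dedicated keyring and pins the Teleport repository to it with `signed-by`; the keyring and list file names are assumptions made for this example.

```shell
#!/bin/sh
# Added example: scope the Teleport signing key to the Teleport repository only.
# KEY_URL and REPO come from the guide; the keyring and list file names below
# are assumptions chosen for this example.
KEY_URL="https://deb.releases.teleport.dev/teleport-pubkey.asc"
REPO="https://deb.releases.teleport.dev/ stable main"

# is_armored_pubkey FILE: succeed only if FILE looks like an ASCII-armored
# OpenPGP public key (rejects empty downloads and HTML error pages).
is_armored_pubkey() {
    [ -s "$1" ] || return 1
    [ "$(head -n 1 "$1" | tr -d '\r')" = "-----BEGIN PGP PUBLIC KEY BLOCK-----" ] || return 1
    grep -q '^-----END PGP PUBLIC KEY BLOCK-----' "$1"
}

# install_teleport_source KEYFILE [ROOT]: install KEYFILE as a dedicated
# keyring and write a sources entry pinned to it with signed-by.
# ROOT defaults to / and exists so the function can be tried in a scratch dir.
install_teleport_source() {
    keyfile=$1
    root=${2:-}
    keyring="/usr/share/keyrings/teleport-archive-keyring.asc"
    list="/etc/apt/sources.list.d/teleport.list"
    is_armored_pubkey "$keyfile" || { echo "not a PGP public key: $keyfile" >&2; return 1; }
    mkdir -p "$root/usr/share/keyrings" "$root/etc/apt/sources.list.d" || return 1
    install -m 0644 "$keyfile" "$root$keyring" || return 1
    printf 'deb [signed-by=%s] %s\n' "$keyring" "$REPO" > "$root$list"
}

# Typical use on the server (needs root and network access):
#   curl -fsSL "$KEY_URL" -o /tmp/teleport-pubkey.asc
#   install_teleport_source /tmp/teleport-pubkey.asc && apt update
```

APT accepts an ASCII-armored key in `signed-by` when the file has the `.asc` extension, so no `gpg --dearmor` step is needed here.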
Configuring Teleport on your system
To use Teleport for the first time, we should ensure security by performing these steps.
Generate an SSL certificate
As a first step, we will generate an SSL certificate using the following command:
$ openssl req -x509 -nodes -newkey rsa:4096 \
-keyout /var/lib/teleport/teleport.key \
-out /var/lib/teleport/teleport.pem -sha256 -days 3650 \
-subj "/C=US/ST=NewYork/L=NewYork/O=town website/OU=Org/CN=domain.com"
As seen above, you can change the domain name and other options such as country, state, locality, and company name. If the step succeeds, openssl writes the private key and the certificate to the two paths given.
Generating Teleport’s configuration file
In order to create a configuration file to run Teleport, use the following command:
$ teleport configure -o /etc/teleport.yaml \
--cluster-name=domain.com \
--public-addr=teleport.domain.com:443 \
--cert-file=/var/lib/teleport/teleport.pem \
--key-file=/var/lib/teleport/teleport.key
You can also view the contents of the generated Teleport configuration. You can use the cat command for this purpose:
$ cat /etc/teleport.yaml
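The certificate generated above carries CN=domain.com and no subjectAltName, while the configuration sets the public address to teleport.domain.com; Go-based clients, which match on the subjectAltName only, will reject that pairing even if the certificate is trusted. The following is an added example, not part of the original guide, that issues the certificate for the name clients connect to and checks both the hostname match and the key file permissions; the function names are assumptions made for this example.

```shell
#!/bin/sh
# Added example: issue the self-signed certificate for the name clients
# actually connect to, and check it before handing it to Teleport.
# Requires OpenSSL 1.1.1+ (for -addext) and GNU stat.

# make_cert DIR HOST [BITS]: write DIR/teleport.key and DIR/teleport.pem with
# HOST as both the CN and the subjectAltName.
make_cert() {
    dir=$1 host=$2 bits=${3:-4096}
    ( umask 077   # key file is created readable by its owner only
      openssl req -x509 -nodes -newkey "rsa:$bits" -sha256 -days 3650 \
        -keyout "$dir/teleport.key" -out "$dir/teleport.pem" \
        -subj "/C=US/ST=NewYork/L=NewYork/O=town website/OU=Org/CN=$host" \
        -addext "subjectAltName=DNS:$host" 2>/dev/null )
}

# cert_matches_host PEM HOST: succeed if the certificate is valid for HOST.
# The output is parsed because -checkhost reports the result as text.
cert_matches_host() {
    openssl x509 -in "$1" -noout -checkhost "$2" | grep -q 'does match'
}

# key_is_private FILE: succeed if group and others have no access to FILE.
key_is_private() {
    case "$(stat -c '%a' "$1")" in
        ?00) return 0 ;;
        *)   return 1 ;;
    esac
}

# Typical use on the server, with the paths and host name from the guide:
#   make_cert /var/lib/teleport teleport.domain.com
#   cert_matches_host /var/lib/teleport/teleport.pem teleport.domain.com
#   key_is_private /var/lib/teleport/teleport.key
```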
Start the Teleport service
Now, you can start and enable Ubuntu’s Teleport service using the following commands:
$ sudo systemctl enable --now teleport
$ sudo systemctl status teleport
Create a new user
Start creating a new user and assign roles.
Input:
$ sudo tctl users add town --roles=editor,access
You can also specify the logins the user is allowed to use, as seen below:
$ sudo tctl users add atown --roles=editor,access --logins=root,ubuntu,atown,user
Access Teleport
Note down the link printed by the command above. Note that it has a one-hour expiry. Now, to get the login code, you must open the link, type in a new password, and scan the QR code. You can then start working once the account is created.
Installation with docker and helm
There are pre-built Docker images available for different versions of Teleport. All of these images are hosted on AWS. In addition, you can add the Helm chart repository with the following command:
$ helm repo add teleport https://charts.releases.teleport.dev
And that’s about it for this article. Earlier we discussed the installation and configuration of the Teleport tool. We also tackled how we can install the tool by performing various steps.
Teleport is a useful tool for visualizing a server’s infrastructure. It is also available for various operating systems. If you want, there is even an option to install the tool via docker and helm. More details about Teleport can be found in their official documentation.