Question/Problem:
How to run rsync, git, docker, through teleport for their ssh transport mode?
Solution:
The first option is to set up openssh client compatibility. If you set that up successfully, then anything using the openssh client binary or that at least supports respecting the openssh client config will work normally.
The second option is to manually set each respective application/command to use tsh ssh instead. Not every application supports this. The rest of the document covers these.
Rsync
rsync allows you to specify the remote shell to utilize using the --rsh/-e argument. By default, this is ssh.
rsync -e 'tsh ssh' file1.txt user@host:/path/to/file1.txt
Now rsync will call out to 'tsh ssh' instead of 'ssh' when initiating the connection. This does have the disadvantage that if your tsh session is expired that rsync does not recognize the teleport specific error message that the tsh binary returns and rsync doesn't relay that message to the end user.
You can use teleport node names in the rsync command directly when using this approach.
It is possible to set up an alias in your shell for added convenience:
alias rsync="rsync -e 'tsh ssh'"
git
To make git utilize an alternate command from ssh, you have a few approaches:
- Set the GIT_SSH_COMMAND environment variable to "tsh ssh"
This is handy if you need to go through teleport temporarily. - git config core.sshCommand="tsh ssh"
This can be run inside a git working directory to set up teleport transport for that particular git repository. - git config --global core.sshCommand="tsh ssh"
This sets up teleport transport for git for every git repo for the current user on your local machine.
Docker
When accessing a remote docker daemon via ssh, the docker cli does not support setting a custom ssh binary. This means that you would need to use openssh client compatibility with teleport to access Docker on a teleport ssh node with Docker's ssh transport mode.
export DOCKER_HOST=ssh://user@host
docker ps
Comments
0 comments
Article is closed for comments.