github gravitational/teleport v6.2.0
Teleport 6.2.0
on GitHub

latest releases: v16.0.0-dev.fred-manifests.7, api/v16.0.0-dev.fred-manifests.7, v16.0.0-dev.fred-manifests.6...
2 years ago

Teleport 6.2 contains new features, improvements, and bug fixes.

New Features

Added Amazon Redshift Support

Added support for Amazon Redshift to Teleport Database Access.#6479.

View the Database Access with Redshift on AWS Guide for more details.

Improvements

  • Added pass-through header support for Teleport Application Access. #6601
  • Added ability to propagate claim information from root to leaf clusters. #6540
  • Added Proxy Protocol for MySQL Database Access. #6594
  • Added prepared statement support for Postgres Database Access. #6303
  • Added GetSessionEventsRequest RPC endpoint for Audit Log pagination. RFD 19 #6731
  • Changed DynamoDB indexing strategy for events. RFD 24 #6583

Fixes

  • Fixed multiple per-session MFA issues. #6542 #6567 #6625 #6779 #6948
  • Fixed etcd JWT renewal issue. #6905
  • Fixed issue where kubectl exec sessions were not being recorded when the target pod was killed. #6068
  • Fixed an issue that prevented Teleport from starting on ARMv7 systems. #6711.
  • Fixed issue that caused Access Requests to inconsistently allow elevated Kuberentes access. #6492
  • Fixed an issue that could cause session.end events not to be emitted. #6756
  • Fixed an issue with PAM variable interpolation. #6558

Breaking Changes

Agent Forwarding

Teleport 6.2 brings a potentially backward incompatible change with tsh agent forwarding.

Prior to Teleport 6.2, tsh ssh -A would create an in-memory SSH agent from your ~/.tsh directory and forward that agent to the target host.

Starting in Teleport 6.2 tsh ssh -A by default now forwards your system SSH agent (available at $SSH_AUTH_SOCK). Users wishing to retain the prior behavior can use tsh ssh -o "ForwardAgent local".

For more details see RFD 22 and implementation in #6525.

DynamoDB Indexing Change

DynamoDB users should note that the events backend indexing strategy has changed and a data migration will be triggered after upgrade. For optimal performance perform this migration with only one auth server online. It may take some time and progress will be periodically written to the auth server log. During this migration, only events that have been migrated will appear in the Web UI. After completion, all events will be available.

Note that this migration may cause rate-limiting errors from AWS APIs and is slow on large deployments (1000+ existing audit events). Teleport 6.2.1 will include improved migration performance. If you run a large DynamoDB-based cluster, we advise you to wait for Teleport 6.2.1 before upgrading.

For more details see RFD 24 and implementation in #6583.

Download

Download the current and previous releases of Teleport at https://gravitational.com/teleport/download.

Check out latest releases or
releases around gravitational/teleport v6.2.0

Don't miss a new teleport release

NewReleases is sending notifications on new releases.

Get notifications