← 返回命令列表

Linux command

tsh 命令

文本

复制后可按需替换文件名、目录或参数。

常用示例

Log in to Teleport cluster

tsh login --proxy=[teleport.example.com] --user=[username]

List available SSH servers

tsh ls

SSH to a server

tsh ssh [user]@[hostname]

List Kubernetes clusters

tsh kube ls

Connect to Kubernetes cluster

tsh kube login [cluster-name]

List available databases

tsh db ls

Connect to a database

tsh db connect [database-name]

List active sessions

tsh sessions ls

Log out from cluster

tsh logout

说明

tsh is the Teleport client CLI for accessing infrastructure protected by Teleport. It provides unified access to SSH servers, Kubernetes clusters, databases, and web applications with built-in audit logging and access controls. Authentication via login stores credentials in ~/.tsh with automatic expiration (default 12 hours). Certificates support short-lived access aligned with zero-trust principles. For SSH access, use ssh command or generate native SSH config with tsh config for use with standard ssh clients. Session recording enables play for audit review. Kubernetes access with kube login configures kubectl credentials. Database access via db connect provides authenticated connections to PostgreSQL, MySQL, MongoDB, and other databases. Access requests enable just-in-time privilege escalation with approval workflows. Create requests with request create for resources requiring elevated permissions.

参数

--proxy _address_
Teleport proxy service address.
--user _username_
Teleport username.
--login _os-user_
Remote OS username for SSH.
--ttl _duration_
Session credential TTL. Default: 12h.
--identity _file_
Path to identity file.
--auth _connector_
Authentication connector name.
--insecure
Skip TLS certificate verification.
--debug
Enable verbose debug logging.
--jumphost, -J _host_
SSH jump host.
--cert-format _format_
Certificate format: standard or kubernetes.
--skip-version-check
Skip client/server version compatibility check.

FAQ

What is the tsh command used for?

tsh is the Teleport client CLI for accessing infrastructure protected by Teleport. It provides unified access to SSH servers, Kubernetes clusters, databases, and web applications with built-in audit logging and access controls. Authentication via login stores credentials in ~/.tsh with automatic expiration (default 12 hours). Certificates support short-lived access aligned with zero-trust principles. For SSH access, use ssh command or generate native SSH config with tsh config for use with standard ssh clients. Session recording enables play for audit review. Kubernetes access with kube login configures kubectl credentials. Database access via db connect provides authenticated connections to PostgreSQL, MySQL, MongoDB, and other databases. Access requests enable just-in-time privilege escalation with approval workflows. Create requests with request create for resources requiring elevated permissions.

How do I run a basic tsh example?

Run `tsh login --proxy=[teleport.example.com] --user=[username]` in a terminal, then adjust file names, paths, flags, or remote targets for your system.

What does --proxy _address_ do in tsh?

Teleport proxy service address.