diff options
Diffstat (limited to 'sys-cluster/teleport/files/teleport.yaml')
-rw-r--r-- | sys-cluster/teleport/files/teleport.yaml | 18 |
1 files changed, 3 insertions, 15 deletions
diff --git a/sys-cluster/teleport/files/teleport.yaml b/sys-cluster/teleport/files/teleport.yaml index e297bb89b571..384dea937c97 100644 --- a/sys-cluster/teleport/files/teleport.yaml +++ b/sys-cluster/teleport/files/teleport.yaml @@ -1,5 +1,6 @@ # By default, this file should be stored in /etc/teleport.yaml - +## IMPORTANT ## +#When editing YAML configuration, please pay attention to how your editor handles white space. YAML requires consistent handling of tab characters # This section of the configuration file applies to all teleport # services. teleport: @@ -17,7 +18,7 @@ teleport: # when running in multi-homed or NATed environments Teleport nodes need # to know which IP it will be reachable at by other nodes - # advertise_ip: 10.1.0.5 + # public_addr: 10.1.0.5 # list of auth servers in a cluster. you will have more than one auth server # if you configure teleport auth to run in HA configuration @@ -43,19 +44,10 @@ teleport: # This section configures the 'auth service': auth_service: - # Turns 'auth' role on. Default is 'yes' enabled: yes - # Turns on dynamic configuration. Dynamic configuration defines the source - # for configuration information, configuration files on disk or what's - # stored in the backend. Default is false if no backend is specified, - # otherwise if backend is specified, it is assumed to be true. - dynamic_config: false - # defines the types and second factors the auth server supports authentication: - # type can be local or oidc - type: local # second_factor can be off, otp, or u2f second_factor: otp @@ -97,9 +89,7 @@ auth_service: # This section configures the 'node service': ssh_service: - # Turns 'ssh' role on. Default is 'yes' enabled: yes - # IP and the port for SSH service to bind to. listen_addr: 0.0.0.0:3022 # See explanation of labels in "Labeling Nodes" section below @@ -119,9 +109,7 @@ ssh_service: # This section configures the 'proxy servie' proxy_service: - # Turns 'proxy' role on. Default is 'yes' enabled: yes - # SSH forwarding/proxy address. Command line (CLI) clients always begin their # SSH sessions by connecting to this port listen_addr: 0.0.0.0:3023 |