Teleport 1.3 adds support for SSH authentication with U2F keys

A somewhat related tool is Vault SSH Helper: <a href="https:&#x2F;&#x2F;github.com&#x2F;hashicorp&#x2F;vault-ssh-helper" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;hashicorp&#x2F;vault-ssh-helper</a><p>It provides an audit log (without session history&#x2F;playback) and one-time passwords for login. It avoids copying of ssh certificates to every host, similar to teleport.<p>One nice advantage with Teleport is the recording of sessions. On the other I like how Vault&#x27;s tool use standard ssh on the client-side.<p>Some type of merge between the two would be a dream :D

Curious if anyone here has hands-on experience with Teleport, and would mind providing a review?

How does one combine something like teleport with policies and audit logging? I&#x27;m referring to the recent controversy around Uber employees playing with sensitive data.<p>Can you use Teleport (or anything else really) to enforce access policies and most importantly audit logging. Especially when combined with hardware tokens like u2f keys,etc

What about access control? I&#x27;d like to assign which user gets to access which server.

Super stoked about this release!<p>Minor nitpick Sasha:<p>Now we are happy to announce that Teleport natively supports the Universal Second Factor (UTF).<p>Should probably be:<p>Now we are happy to announce that Teleport natively supports Universal 2nd Factor (U2F).

What&#x27;s the advantage of using U2F for SSH compared to using public-key authentication with a password-protected smart card (e.g. a Yubikey 4)? I can think of one big disadvantage, which is that with U2F the password has to be shared with the remote end, which is inferior to a password that never leaves the local device.