Package app runs the application proxy process.

Package desktop implements Desktop Access services, like windows_desktop_access.

Package regular implements SSH server that supports multiplexing tunneling, SSH connections proxying and only supports Key based auth.

CheckHomeDir checks if the user's home dir exists.

ComputeLockTargets computes lock targets inferred from the clusterName, serverID and IdentityContext.

ConfigureCommand creates a command fully configured to execute.

DecodeChildError consumes the output from a child process decoding it from its raw form back into a concrete error.

GetDisconnectExpiredCertFromIdentity calculates the proper value for DisconnectExpiredCert based on whether a connection is set to disconnect on cert expiry, and whether the cert is a short lived (<1m) one issued for an MFA verified session.

IsReexec determines if the current process is a teleport reexec command.

NewAuthHandlers initializes authorization and authentication handlers.

NewConnectionMonitor returns a ConnectionMonitor that can be used to monitor connection activity and terminate connections based on various cluster conditions.

NewExecRequest creates a new local or remote Exec.

NewHeartbeat returns a new instance of heartbeat.

NewHostUsers initialize a new HostUsers object.

NewServerContext creates a new *ServerContext which is used to pass and manage resources, and an associated context.Context which is canceled when the ServerContext is closed.

NewSessionController creates a SessionController from the provided config.

NewSessionTracker returns a new SessionTracker for the given types.SessionTracker.

NewTerminal returns a new terminal.

NewTermManager creates a new TermManager.

NewTrackingReadConn returns a new tracking read connection.

RunAndExit will run the requested command and then exit.

RunCommand reads in the command to run from the parent process (over a pipe) then constructs and runs the command.

RunForward reads in the command to run from the parent process (over a pipe) then port forwards.

StartKeepAliveLoop starts the keep-alive loop.

StartMonitor starts a new monitor.

WebSessionController is a wrapper around [SessionController] which can be used to create an [IdentityContext] and apply session controls for a web session.

CommandFile is used to pass the command and arguments that the child process should execute from the parent process.

ContinueFile is used to communicate to the child process that it can continue after the parent process assigns a cgroup to the child process.

ErrorFile is used to communicate any errors terminating the child process to the parent process.

FileTransferApproved is used when a file transfer request has received an approval decision and the policy is fulfilled.

FileTransferDenied is used when a file transfer request is denied.

FileTransferUpdate is used when a file transfer request is created or updated.

FirstExtraFile is the first file descriptor that will be valid when extra files are passed to child processes without a terminal.

HeartbeatModeApp sets heartbeat to apps and will use keep alives.

HeartbeatModeAuth sets heartbeat to auth that does not support keep alives.

HeartbeatModeDatabaseService sets heartbeat mode to DatabaseService.

HeartbeatModeDB sets heartbeat to db.

HeartbeatModeKube is a mode for kubernetes service heartbeats.

HeartbeatModeNode sets heartbeat to node updates that support keep alives.

HeartbeatModeProxy sets heartbeat to proxy that does not support keep alives.

HeartbeatModeWindowsDesktop sets heartbeat mode to windows desktop.

HeartbeatModeWindowsDesktopService sets heartbeat mode to windows desktop service.

HeartbeatStateAnnounce is set when full state has to be announced back to the auth server.

HeartbeatStateAnnounceWait is set after successful announce, heartbeat will wait until server updates information, or time for next announce comes.

HeartbeatStateInit is set when the state has not been collected yet, or the state is not fetched.

HeartbeatStateKeepAlive is set when only sending keep alives is necessary.

HeartbeatStateKeepAliveWait is set when heartbeat will waiting until it's time to send keep alive.

PTYFile is a PTY the parent process passes to the child process.

ReadyFile is used to communicate to the parent process that the child has completed any setup operations that must occur before the child is placed into its cgroup.

SessionControlsInfoBroadcast is sent in tandem with session creation to inform any joining users about the session controls.

TerminateFile is used to communicate to the child process that the interactive terminal should be killed as the client ended the SSH session and without termination the terminal process will be assigned to pid 1 and "live forever".

TTYFile is a TTY the parent process passes to the child process.

X11File is used to communicate to the parent process that the child process has set up X11 forwarding.

AccessRequests are the access requests associated with a session.

AuthHandlerConfig is the configuration for an application handler.

AuthHandlers are common authorization and authentication related handlers used by the regular and forwarding server.

ConnectionMonitor monitors the activity of connections and disconnects them if the certificate expires, if a new lock is placed that applies to the connection, or after periods of inactivity.

ConnectionMonitorConfig contains dependencies required by the ConnectionMonitor.

ExecCommand contains the payload to "teleport exec" which will be used to construct and execute a shell.

ExecResult is used internally to send the result of a command execution from a goroutine to SSH request handler and back to the calling client.

Heartbeat keeps heartbeat state, it is implemented according to actor model - all interactions with it are to be done with signals.

HeartbeatConfig is a heartbeat configuration.

HeartbeatV2 heartbeats presence via the inventory control stream.

HostSudoersProvisioningBackend is used to implement HostSudoersBackend.

HostUsersProvisioningBackend is used to implement HostUsersBackend.

IdentityContext holds all identity information associated with the user logged on the connection.

KeepAliveParams configures the keep-alive loop.

Monitor monitors the activity on a single connection and disconnects that connection if the certificate expires, if a new lock is placed that applies to the connection, or after periods of inactivity.

MonitorConfig is a wiretap configuration.

PAMConfig represents all the configuration data that needs to be passed to the child.

ServerContext holds session specific context, such as SSH auth agents, PTYs, and other resources.

SessionController enforces session control restrictions required by locks, private key policy, and max connection limits.

SessionControllerConfig contains dependencies needed to create a SessionController.

SessionRegistry holds a map of all active sessions on a given SSH server.

SessionTracker is a session tracker for a specific session.

SSHServerHeartbeatConfig configures the HeartbeatV2 for an ssh server.

SubsystemResult is a result of execution of the subsystem.

TermHandlers are common terminal handling functions used by both the regular and forwarding server.

TermManager handles the streams of terminal-like sessions.

TrackingReadConn allows to wrap net.Conn and keeps track of the latest conn read activity.

TrackingReadConnConfig is a TrackingReadConn configuration.

UaccMetadata contains information the child needs from the parent for user accounting.

X11Config contains information used by the child process to set up X11 forwarding.

AccessPoint is the access point contract required by a Server.

ActivityTracker is a connection activity tracker, it allows to update the activity on the connection and retrieve the time when the connection was last active.

Exec executes an "exec" request.

HeartbeatI abstracts over the basic interface of Heartbeat and HeartbeatV2.

LockEnforcer determines whether a lock is being enforced on the provided targets.

RequestSender is an interface that implements SendRequest.

Server is regular or forwarding SSH server.

SessionAccessEvaluator is the interface that defines criteria needed to be met in order to start and join sessions.

Subsystem represents SSH subsystem - special command executed in the context of the session.

Terminal defines an interface of handy functions for managing a (local or remote) PTY, such as resizing windows, executing commands with a PTY, and cleaning up.

TrackingConn is an interface representing tracking connection.

WebSessionContext contains information associated with a session established via the web ui.

FileFD is a file descriptor passed down from a parent process when Teleport is re-executing itself.

FileTransferRequestEvent is an event used to Notify party members during File Transfer Request approval process.

GetServerInfoFn is function that returns server info.

HeartbeatMode represents the mode of the heartbeat node, proxy or auth server.

KeepAliveState represents state of the heartbeat.

LookupGroup is used to mock the value returned by user.LookupGroup(string).

LookupUser is used to mock the value returned by user.Lookup(string).