FullProfilePath returns the full path to the user profile directory.

GetTokenFromHOTPMockFile opens HOTPMock from file, gets token value, increases hotp and saves it to the file.

LogoutFromEverywhere looks at the list of proxy servers tsh is currently logged into by examining ~/.tsh and logs him out of them all.

MakeIdentityFile takes a username + his credentials and saves them to disk in a specified format.

NewClient creates a TeleportClient object and fully configures it.

NewFSLocalKeyStore creates a new filesystem-based local keystore object and initializes it.

NewKey generates a new unsigned key.

NewLocalAgent reads all Teleport certificates from disk (using FSLocalKeyStore), creates a LocalKeyAgent, loads all certificates into it, and returns the agent.

ParseLabelSpec parses a string like 'name=value,"long name"="quoted value"` into a map like { "name" -> "value", "long name" -> "quoted value" }.

ParsePortForwardSpec parses parameter to -L flag, i.e.

Ping serves two purposes.

ProfileFromDir reads the user (yaml) profile from a given directory.

ProfileFromFile loads the profile from a YAML file.

SSHAgentLogin issues call to web proxy and receives temp certificate if credentials are valid proxyAddr must be specified as host:port.

SSHAgentSSOLogin is used by SSH Agent (tsh) to login using OpenID connect.

SSHAgentU2FLogin requests a U2F sign request (authentication challenge) via the proxy.

If there's a current profile symlink, remove it.

Username returns the current user's username.

CurrentProfileSymlink is a filename which is a symlink to the current profile, usually something like this: ~/.tsh/profile -> ~/.tsh/staging.yaml .

DefaultIdentityFormat is what Teleport uses by default.

HTTPS is https prefix.

IdentityFormatFile is when a key + cert are stored concatenated into a single file.

IdentityFormatOpenSSH is OpenSSH-compatible format, when a key and a cert are stored in two different files (in the same directory).

Directory location where tsh profiles (and session keys) are stored.

WSS is secure web sockets prefix.

PingResponse contains the form of authentication the auth server supports.

Benchmark specifies benchmark requests to run.

BenchmarkResult is a result of the benchmark.

CachePolicy defines cache policy for local clients.

CertAuthMethod is a wrapper around ssh.Signer (certificate signer) object.

ClientProfile is a collection of most frequently used CLI flags for "tsh".

Config is a client config.

CreateSSHCertReq are passed by web client to authenticate against teleport server and receive a temporary cert signed by auth server authority.

CreateSSHCertWithU2FReq are passed by web client to authenticate against teleport server and receive a temporary cert signed by auth server authority.

ForwardedPort specifies local tunnel to remote destination managed by the client, is equivalent of ssh -L src:host:dst command.

FSLocalKeyStore implements LocalKeyStore interface using the filesystem Here's the file layout for the FS store: ~/.tsh/ ├── known_hosts --> trusted certificate authorities (their keys) in a format similar to known_hosts └── sessions --> server-signed session keys └── host-a | ├── cert | ├── key | └── pub └── host-b ├── cert ├── key └── pub.

HOTPMock is a HOTP that can be saved or load from file Using HOTPMock disables the hotp security level, don't use it in production.

Key describes a complete (signed) client key.

NodeClient implements ssh client to a ssh node (teleport or any regular ssh node) NodeClient can run shell and commands or upload and download files.

OIDCSettings contains the Name and Display string for OIDC.

PingResponse contains data about the Teleport server like supported authentication types, server version, etc.

ProxyClient implements ssh client to a teleport proxy It can provide list of nodes or connect to nodes.

SAMLSettings contains the Name and Display string for SAML.

SSHLoginResponse is a response returned by web proxy.

SSOLoginConsoleReq is used to SSO for tsh.

SSOLoginConsoleResponse is a response to SSO console request.

TeleportClient is a wrapper around SSH client with teleport specific workflow built in.

U2FSettings contains the AppID for Universal Second Factor.

A request from the client for a U2F sign request from the server.

WebClient is a package local lightweight client used in tests and some functions to handle errors properly.

LocalKeyStore interface allows for different storage back-ends for TSH to load/save its keys The _only_ filesystem-based implementation of LocalKeyStore is declared below (FSLocalKeyStore).

HostKeyCallback is called by SSH client when it needs to check remote host key or certificate validity.

IdentityFileFormat describes possible file formats how a user identity can be sotred.

ShellCreatedCallback can be supplied for every teleport client.