Support for Arista (EOS) and potentially other networking devices.

[Valien]

What

With the growth of SDN and products like Arista Networks using Linux as their SDN OS (EOS) it could be beneficial if Teleport had support for logging and auditing of networking commands.

This could open a whole new world of opportunities in the SDN marketplace.

More info on EOS - https://www.arista.com/en/products/eos-network-solutions-overview

How

Add support for EOS and other SDN OS that are based on Linux and have the ability to support Teleport.

Why

Continued growth around providing access and auditing for engineers.

Workaround

None AFAIK.

[Valien]

Also support for network firewalls like Juniper, Cisco, F5, etc.

[draggeta]

I love for Teleport to support any SSH device, even if it has to use an admin password to allow access. I was evaluating this vs Guacamole for quick RDP and SSH access. Sadly two things won't work for me:

• Network devices don't support agent installation.
• Customers don't want another agent running.

[webvictim]

I have a hunch that this functionality could theoretically be achieved across multiple brands of network devices by adding support for a RADIUS server with short-lived identities to Teleport, then configuring the downstream devices to use Teleport as a RADIUS server. This would allow the devices to have centralised authentication/authorization via Teleport without agent installations.

Proxy recording mode could potentially be extended to support passing a session through to the end device (perhaps even with some form of expect scripting to enter the dynamically-generated username/password on behalf of the user) and recording the traffic.

[Valien]

A good discussion on our community Slack around this potential need - https://goteleport.slack.com/archives/CEZH6UL64/p1681694671519629

[Goldenflamer]

+1