Analysis updated 2026-06-21
Replace scattered SSH keys across your team with Teleport's certificate-based access that auto-expires and is enforced by SSO.
Give developers auditable, role-based access to production databases without issuing long-lived credentials.
Access servers sitting behind firewalls and NAT gateways without opening inbound firewall ports.
Record and replay every SSH session for compliance audits or security incident investigations.
| gravitational/teleport | temporalio/temporal | googlecloudplatform/microservices-demo | |
|---|---|---|---|
| Stars | 20,298 | 20,232 | 20,224 |
| Language | Go | Go | Go |
| Setup difficulty | hard | moderate | hard |
| Complexity | 4/5 | 4/5 | 4/5 |
| Audience | ops devops | developer | developer |
Figures from each repo's GitHub metadata at analysis time.
Requires deploying a Teleport cluster, configuring an SSO provider, and installing agents on each resource you want to protect.
Teleport is an open-source infrastructure access platform that centralizes and secures how teams connect to servers, databases, Kubernetes clusters, internal web applications, and Windows desktops. The problem it solves is the operational and security complexity of managing access to infrastructure: in a typical company, different tools handle SSH keys for servers, separate credentials for databases, and yet more tokens for Kubernetes, with no unified audit trail and inconsistent security enforcement. Teleport replaces all of that with a single system. Instead of distributing long-lived SSH keys or passwords, it acts as a certificate authority that issues short-lived, time-limited certificates for every connection. When a certificate expires, access is automatically revoked, no manual key rotation required. Every session is authenticated via single sign-on (SSO) through providers like GitHub, Okta, or Active Directory, with two-factor authentication enforced across all resource types. Role-based access control determines who can reach what, and every connection is logged with full session recording that can be replayed later for compliance or troubleshooting. Teleport also solves the problem of accessing resources behind firewalls and NAT gateways: it sets up encrypted tunnels so that servers inside private networks can register with a central Teleport cluster without opening inbound firewall ports. The whole system is distributed as a single Go binary that acts as different components depending on how it is configured. It runs on Linux, can be deployed on Kubernetes, and is fully compatible with standard SSH clients and tools. It is primarily used by engineering and DevOps teams at companies that need auditable, policy-enforced access to their production infrastructure.
Teleport is an open-source infrastructure access platform that replaces scattered SSH keys and credentials with a single secure system, short-lived certificates, SSO login, and full session recording for servers, databases, Kubernetes, and internal apps.
Mainly Go. The stack also includes Go, Linux, Kubernetes.
Setup difficulty is rated hard, with roughly 1h+ to a first successful run.
Mainly ops devops.
This repo across BitVibe Labs
Verify against the repo before relying on details.