Teleport daemon

The Teleport daemon is called teleport and it supports the following commands:

startStarts the Teleport daemon.
configureDumps a sample configuration file in YAML format into standard output.
versionShows the Teleport version.
statusShows the status of a Teleport connection. This command is only available from inside of an active SSH session.
helpShows help options.

When experimenting, you can quickly start teleport with verbose logging by typing teleport start -d.


Teleport stores data in /var/lib/teleport . Make sure that regular/non-admin users do not have access to this folder on the Auth server.

Systemd unit file

In production, we recommend starting teleport daemon via an init system like systemd. Here's the recommended Teleport service unit file for systemd:

Description=Teleport SSH Service

ExecStart=/usr/local/bin/teleport start --config=/etc/teleport.yaml --pid-file=/run/
ExecReload=/bin/kill -HUP $MAINPID


Daemon restarts

As covered in the Graceful Restarts section, Teleport supports graceful restarts. To upgrade a host to a newer Teleport version, an administrator must:

  1. Replace the Teleport binaries, usually teleport and tctl
  2. Execute systemctl restart teleport

This will perform a graceful restart, i.e. the Teleport daemon will fork a new process to handle new incoming requests, leaving the old daemon process running until existing clients disconnect.

