> is that Teleport gives you transcript-level audit logs of your SSH sessions
That is extremely valuable. Just in case 'transcript-level audit' didn't sink in, it's a session recording – not only you can see the all keystrokes typed but you can see all the outputs, the whole state. Someone doing a TOP command for an hour? You can watch the same thing later.
Sasha, CTO@ Teleport here. Thank you for the kind words! And congrats to the Tailscale team on launching SSH product.
Let me share a bit more about our auditing capabilities:
Teleport captures session PTY output and stores it in S3 or any S3 compatible storage for your records by default.
If you would like to get additional, more in-depth insight into the session, Teleport captures syscalls, file access calls and network calls done during SSH session by correlating it with sessions' cgroup using our BPF module:
Teleport provides a lot of other in-depth SSH integration for auditing and compliance, for example we support moderated sessions access control with a required session moderator, or per session-MFA.
We haven't yet fully "productized" it yet because it only records on-device for now. We want to make it stream recordings to another device (that you run) first before considering it done.
That is extremely valuable. Just in case 'transcript-level audit' didn't sink in, it's a session recording – not only you can see the all keystrokes typed but you can see all the outputs, the whole state. Someone doing a TOP command for an hour? You can watch the same thing later.
Think asciinema (https://asciinema.org/).