The Teleport service is configured to use only standard ports 22, 80, and 443, to help with access wherever users are.
Additional configuration at the local user site may be required to allow outgoing connections. The diagram below shows the TCP ports and destination hosts used.
Versions 8.3.5 and newer of the
|
tsh login
" step uses ports 80 and 443 in order to log in to the service and obtain the client certificate. jump.ecmwf.int
on port 443 (the user is able to see these steps by using the "tsh login --debug"
option)http://127.0.0.1:64068/da92794b-9d41-4008-ae6f-83fb77f64486
) and waits for a callback from jump.ecmwf.int
.https://accounts.ecmwf.int
(on port 443) involving Keycloak linked to user accounts on ActiveDirectory and the TOTP security tokenjump.ecmwf.int
and receives the client certificate completing its login workflow