The Teleport service is configured to use only standard ports 22, 80, and 443, to help with access wherever users are.
Additional configuration at the local user site may be required to allow outgoing connections. The diagram below shows the TCP ports and destination hosts used.
Currently the |
tsh login
" step uses ports 80 and 443 in order to log in to the service and obtain the client certificate. http://127.0.0.1:64068/da92794b-9d41-4008-ae6f-83fb77f64486
) and waits for a callback from shell.ecmwf.int
.https://accounts.ec,wf.int
(port 443) involving Keycloak linked to user accounts on ActiveDirectory and HID tokenshell.ecmwf.int
and receives the client certificate completing it's login workflowThe diagram describes the set up for the Teleport instance installed at ECMWF's Data Centre in Reading. The instance that will be installed in the Bologna Data Centre will use the same ports but different hosts. |