Hey everyone! I'm working on an SSH project at my job, and the challenge is that we have hundreds of customers to connect to via SSH. I'm considering options like SSH tunneling, but I'm not sure if that's the best method. I've also been looking into using Teleport to set up a central server with multiple nodes. Initially, I plan to start with the open-source version of Teleport, but I'd like to know if it's really effective or if there are better alternatives.
I want to avoid using VPN because some of our clients are already set up with VPNs, and we can't implement that for various reasons. Does anyone have recommendations on how you handle this situation?
1 Answer
You definitely don’t want to connect to each client's site individually. A tunnel or a reverse SSH proxy is a solid approach. Ideally, whatever devices or applications you have set up at their locations should initiate a tunnel back to a central server that you control. Just make sure you have their permission for this setup! This way, you get a consistent central connection with a predictable IP address that they can configure in their firewalls. There are also some commercial tools available that can help with this.
Just to clarify, when you say you need permission, should that be documented? Like is a written consent necessary?
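The reverse tunnel the answer describes, sketched as an added example that is not part of the original thread: each customer device gets its own key and its own loopback port on the central server, and the key is restricted so it can do nothing except hold that one reverse forward open. The `tunnel` account, `central.example.com`, the 22000 port base, the customer indexes and the public keys are all assumptions made up for illustration.

```shell
#!/bin/sh
# Added example. Hypothetical names: tunnel account, central.example.com, port base.
BASE_PORT=22000                        # assumption: 22001-22999 reserved for tunnels
CENTRAL="tunnel@central.example.com"   # assumption: unprivileged account, nologin shell

# Map a customer index (1-999) to its dedicated loopback port on the central server.
tunnel_port() {
    idx=$1
    case $idx in
        ''|0*|*[!0-9]*) echo "bad customer index: $idx" >&2; return 1 ;;
    esac
    [ "$idx" -le 999 ] || { echo "index out of range: $idx" >&2; return 1; }
    echo $((BASE_PORT + idx))
}

# authorized_keys entry for one device. "restrict" disables pty, agent, X11 and all
# forwarding; "port-forwarding" + "permitlisten" re-enable only a reverse forward
# bound to this customer's loopback port; the forced command makes any session
# request a no-op. To also block -L forwards from devices, set
# "AllowTcpForwarding remote" for this account in sshd_config.
authorized_keys_line() {
    port=$(tunnel_port "$1") || return 1
    printf 'restrict,port-forwarding,command="/bin/false",permitlisten="127.0.0.1:%s" %s\n' \
        "$port" "$2"
}

# Command the device at the customer site runs to dial out. -N: no remote command;
# ExitOnForwardFailure: exit if the port cannot be bound, so a supervisor restarts
# it; ServerAliveInterval: notice a dead link.
device_command() {
    port=$(tunnel_port "$1") || return 1
    echo "ssh -N -T -o ExitOnForwardFailure=yes -o ServerAliveInterval=30" \
         "-R 127.0.0.1:$port:127.0.0.1:22 $CENTRAL"
}

# Constructed sample inventory: index and placeholder public key per customer.
authorized_keys_line 1 "ssh-ed25519 AAAAC3-PLACEHOLDER-1 acme-device"
authorized_keys_line 2 "ssh-ed25519 AAAAC3-PLACEHOLDER-2 globex-device"
device_command 1
```

With the tunnel up, an operator logged in to the central server reaches customer 1 with `ssh -p 22001 <user>@127.0.0.1`, and nothing listens on a public interface.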