# Teleport Server Access
### Member form
First, confirm that you have filled out the [Member Form](https://forms.gle/V6vbW6ajnaejQjKp8) with your Github information.
- You have accepted the WATonomous Github Org invite that gets sent to you. You can confirm if you have completed this step by finding yourself in the [member list](https://github.com/orgs/WATonomous/people). If you don't see yourself in the member list, visit [here](https://github.com/orgs/WATonomous/invitation) to accept your invitation.
- (WATonomous team members only) You have merged the [merged request](https://git.uwaterloo.ca/WATonomous/ansible-config/-/merge_requests) that gets created for you
- (WATonomous team members only) The CI `provision_teleport` [job](https://git.uwaterloo.ca/WATonomous/ansible-config/-/jobs) that gets spawned by the merge action succeeded. You have gone into the job ([example](https://git.uwaterloo.ca/WATonomous/ansible-config/-/jobs/69132)) and confirmed that your `user-<username>` role has been created.
### Setup tsh
- Follow the [guide](https://goteleport.com/docs/server-access/guides/tsh/) for installing and using `tsh`, Teleport's CLI.
- The `tsh login` command you need to use is `tsh login --proxy watonomous.teleport.sh --auth watonomous_github_connector`. This will open up a webpage that will attempt to authenticate for server cluster access using Github. Make sure that you are authenticating with the same github account you provided in the membership form. If your browser has cached a different github login, this will not work.
### Setup vscode
- There is an existing Teleport + VSCode [guide](https://goteleport.com/docs/server-access/guides/vscode/). Make sure to read the entire guide word for word. Specifically, you will have to manually add a line like
```
Host delta-ubuntu1.watonomous.teleport.sh thor-ubuntu1.watonomous.teleport.sh tr-ubuntu1.watonomous.teleport.sh wato3-ubuntu1.watonomous.teleport.sh
User rowan
ForwardAgent yes
```
to your `~/.ssh/config` file.
- macOS USERS: So far there is one [issue](https://github.com/gravitational/teleport/issues/9619#issuecomment-1004303820) we have run into with macOS (if you see `Failed to parse remote port from server output` in the log when the vscode connection fails look at this issue)
## Installing Teleport for Window Users
1. Follow the [guide](https://goteleport.com/docs/server-access/guides/tsh/) for installing teleport. You will need to search for the Windows section. The commands shown there should be run in powershell. The commands from the Windows section were copied here below as well.
```
curl https://get.gravitational.com/teleport-v8.0.7-windows-amd64-bin.zip.sha256
curl -O teleport-v8.0.7-windows-amd64-bin.zip https://get.gravitational.com/teleport-v8.0.7-windows-amd64-bin.zip
echo $Env:Path # Edit PATH if necessary
certUtil -hashfile teleport-v8.0.7-windows-amd64-bin.zip SHA256
```
2. Extract the teleport-v8.0.7-windows-amd64-bin.zip file.
3. Once extraction is complete, move the `teleport` folder inside of the teleport-v8.0.7-windows-amd64-bin into `C:\Program Files`
5. Go to the settings and search for `Edit the system environment variables`
6. Go to `Environment Variables` then under System Variables, look for the `Path` Variable
7. Edit the `Path` variable by adding a new line with `C:\Program Files\teleport` so that teleport can be added to your path
## FAQ
- As detailed in the `tsh` [guide](https://goteleport.com/docs/server-access/guides/tsh/#logging-in), `tsh login` has a TTL (time to live) on the certificates you obtain. The TTL is fully configurable. Use `tsh status` to view the TTL status as well as other things.
## Debugging
<details>
<summary>Getting Permission Denied (publickey)</summary>
### SSH Agent Not Started
Usually this means that your SSH agent hasn't been started, or that the Teleport SSH key hasn't been loaded into it.
Start your agent with `eval "$(ssh-agent)"` (Linux) or `Start-Service ssh-agent` (Windows PowerShell).
Once started, run `tsh login <...>` again to load your key, and verify that you see a Teleport key in the output of `ssh-add -l`.
### RSA Disabled with OpenSSH
We have also seen this issue when the OpenSSH client that you have doesn't accept RSA keys (such as with [OpenSSH 8.8](https://www.openssh.com/txt/release-8.8)).
If that is the case, follow the steps in the above link, or in [this issue](https://github.com/gravitational/teleport/discussions/8516?sort=top).
In short, add these additional lines into your `~/.ssh/config`.
```
Host *.watonomous.teleport.sh watonomous.teleport.sh
HostkeyAlgorithms +ssh-rsa-cert-v01@openssh.com
PubkeyAcceptedAlgorithms +ssh-rsa-cert-v01@openssh.com
```
</details>
Sign in with Wallet
Connect another wallet