In my test setup, I don’t have a TLS certificate. The regular way of using
tsh login --proxy=proxy-server --insecure --user=user and then
tsh ssh user@target works just fine.
However, after a
tsh logout when I export the identity file with
tsh login --proxy=proxy-server --insecure --user=user --out=user and the try to use
tsh ssh -i user --proxy=proxy-server user@target Teleport throws an error: Get https://proxy-server:3080/v1/webapi/ping: x509: certificate signed by unknown authority
tsh -i user status --proxy=proxy-server has no output.
Is it necessary to have a TLS certificate specified for using an identity file?
My goal is to have a jump host on which users can use the Teleport services (tsh login, tsh ssh…). But the Teleport credentials should be stored on the user’s machine, not on the jump host. Authentication of the jump host will be done with my own certificate management.