Merge pull request #2 from natrontech/sg

feat: adding more content 🚀
natrontech · Aug 25, 2023 · a92997c · a92997c
2 parents 8a76d0a + 192ac95
commit a92997c
Show file tree

Hide file tree

Showing 12 changed files with 74 additions and 5 deletions.
diff --git a/docs/access/teleport/client-installation.md b/docs/access/teleport/client-installation.md
@@ -7,7 +7,7 @@ Teleport Connect is a desktop application that allows you to connect to a Telepo
 
 [Download Teleport Connect :fontawesome-solid-download:](https://goteleport.com/download/#install-links){ .md-button }
 
-!!! info "Make sure to select Teleport Connect from the dropdown menu"
+!!! info "Make sure to select `Teleport Connect` from the dropdown menu"
 
 
 <figure markdown>
@@ -24,3 +24,10 @@ It includes the following commands:
   - `tsh ssh` - connect to a node or a cluster
   - `tsh db` - connect to a database
   - `tsh status` - show the status of the Teleport cluster
+
+!!! info "Make sure to select `tsh client` from the dropdown menu"
+
+<figure markdown>
+  ![Teleport](../../assets/images/teleport_tsh_download.png)
+</figure>
+
diff --git a/docs/access/teleport/db-pgadmin.md b/docs/access/teleport/db-pgadmin.md
@@ -33,3 +33,7 @@ Launch pgAdmin and register a new server.
 
 ![Teleport Connect Database](../../assets/images/teleport_connect_pgadmin.png)
 
+Once you connect to the server, you will see a password prompt.
+Just press `OK` to connect and do not enter a password.
+
+![Alt text](../../assets/images/teleport_connect_pgadmin2.png)
diff --git a/docs/access/teleport/first-login.md b/docs/access/teleport/first-login.md
@@ -10,9 +10,17 @@ This URL can be used to sign in to the Web Interface or with a Teleport Client A
 
 Based on the authentication method you will need to sign in with your GitHub, Google, or local account.
 
-### Local account
-You will receive a setup link to create a local account.
-There you will be asked to set a password for your account and register a second factor.
-
 ### GitHub or Google account
 You will be redirected to the GitHub or Google login page.
+
+### Local account
+You will receive a setup link to create a local account. Configure a secure password.
+![First Link Image](../../assets/images/teleport_first_link.png)
+
+After that, you will be asked to set up a second factor.
+You can choose between a TOTP application or a hardware key.
+
+!!! tip "Using a built-in hardware key"
+    If your device supports WebAuthn, you can use the built-in hardware key like Windows Hello or Touch ID on Mac.
+
+![First Link Image](../../assets/images/teleport_second_factor.png)
diff --git a/docs/access/teleport/passwordless-login.md b/docs/access/teleport/passwordless-login.md
@@ -0,0 +1,49 @@
+# Passwordless Login
+
+Passwordless login is a way to sign in to Teleport without a password or a username.
+This requires special hardware like a security key or a fingerprint reader.
+
+## Prerequisites
+
+- Windows or Mac Device that supports WebAuthn
+
+For passwordless login you can use Windows Hello or Touch ID on Mac.
+It is also possible to use a security key like Yubikey.
+
+## Register passwordless login
+
+To register a passwordless login, you need to sign in to the Web Interface.
+
+After that, go to the `Account Settings` page and choose `Two-Factor Devices`.
+
+Add a new device and set Allow Passwordless Login to `Yes`.
+![Passwordless Login](../../assets/images/teleport_passwordless_register.png)
+
+??? warning "Using Touch-ID for passwordless sign-in"
+    Touch ID registrations are isolated by application. A Touch ID registration for tsh client is different from a registration made from Chrome or Safari. You may register the same Touch ID device from multiple applications to get passwordless access in all of them.
+
+    A signed and notarized version of tsh is required for Touch ID. See [Installing Teleport Connect Client](/access/teleport/client-installation/) for instructions.
+
+    To register passwordless sign-in for tsh client you need to be logged in and run the following command:
+
+    ```bash
+    tsh mfa add
+    # Choose device type [TOTP, WEBAUTHN, TOUCHID]: WEBAUTHN
+    # Enter device name: laptop-1
+    # Allow passwordless logins [YES, NO]: YES
+    # Tap any *registered* security key
+    # Tap your *new* security key
+    # MFA device "bio" added.
+    ```
+
+## Sign in with passwordless login
+
+For login with passwordless login in the Web Interface, you need to click on the `Other sign-in options` button and select `passwordless login`.
+
+![Passwordless Login](../../assets/images/teleport_passwordless_login.png)
+
+For logging in with passwordless login in the Teleport TSH Client, you need to use the `--auth=passwordless` flag.
+
+```bash
+tsh login --proxy=teleport.demo.test --auth=passwordless
+```
diff --git a/docs/assets/images/teleport_connect_download.png b/docs/assets/images/teleport_connect_download.png
diff --git a/docs/assets/images/teleport_connect_pgadmin2.png b/docs/assets/images/teleport_connect_pgadmin2.png
diff --git a/docs/assets/images/teleport_first_link.png b/docs/assets/images/teleport_first_link.png
diff --git a/docs/assets/images/teleport_passwordless_login.png b/docs/assets/images/teleport_passwordless_login.png
diff --git a/docs/assets/images/teleport_passwordless_register.png b/docs/assets/images/teleport_passwordless_register.png
diff --git a/docs/assets/images/teleport_second_factor.png b/docs/assets/images/teleport_second_factor.png
diff --git a/docs/assets/images/teleport_tsh_download.png b/docs/assets/images/teleport_tsh_download.png
diff --git a/mkdocs.yaml b/mkdocs.yaml
@@ -20,6 +20,7 @@ nav:
       - access/teleport/index.md
       - Authentication:
         - First Login: access/teleport/first-login.md
+        - Passwordless Login: access/teleport/passwordless-login.md
       - Client Installation: access/teleport/client-installation.md
       - Kubernetes Access:
         - Connect Client: access/teleport/k8s-client.md