← 返回 Skills 市场
238
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install teleport-tsh-ssh
功能描述
Use Teleport tsh CLI with a Machine ID (tbot) identity file to SSH into Teleport-managed hosts or run remote commands through Teleport access controls. Trigg...
安全使用建议
This skill is coherent for using Teleport's tsh with a Machine ID identity, but before installing: (1) confirm you want an agent that can read your local tbot identity files (typically sensitive short-lived certs and private keys) in ~/.openclaw/workspace/tbot or other discovered locations; (2) be aware the skill will write the resolved proxy to ~/.openclaw/workspace/tbot/proxy unless you set TELEPORT_PROXY yourself; (3) the SKILL.md references TELEPORT_PROXY but the registry metadata does not declare it — if you rely on environment-based proxy config, set TELEPORT_PROXY to avoid prompts/saves; (4) ensure tsh is installed and that the identity files you point the skill to are the intended automation identities (least privilege); and (5) if you allow autonomous agent invocation, understand the agent could use those identity files to connect to Teleport-managed hosts — limit the identity’s privileges and review companion bootstrap skills and provenance before enabling in sensitive environments.
功能分析
Type: OpenClaw Skill
Name: teleport-tsh-ssh
Version: 1.0.0
The teleport-tsh-ssh skill provides instructions for an AI agent to use the Teleport `tsh` CLI for SSH access, remote command execution, and file transfers using Machine ID identity files. It includes logic for identity file discovery and proxy resolution within the `~/.openclaw/workspace/tbot/` directory. The behavior is entirely consistent with its stated purpose of managing Teleport-mediated access, and no indicators of malicious intent, data exfiltration, or unauthorized persistence were found in SKILL.md or the associated reference documentation.
能力评估
Purpose & Capability
Name and description (Teleport tsh with Machine ID identity) match the instructions: discover/use an identity file, resolve a Teleport proxy, run tsh ssh/ls/scp/status with explicit -i and --proxy. No unrelated services, binaries, or credentials are requested.
Instruction Scope
SKILL.md tells the agent to read identity files (default ~/.openclaw/workspace/tbot/identity or discovered candidates), check mtime to pick a match, optionally prompt the user for a path, and save a resolved proxy to ~/.openclaw/workspace/tbot/proxy. These file reads/writes are expected for this feature, but the skill references the TELEPORT_PROXY env var even though no env vars were declared in metadata — the mismatch should be declared or documented.
Install Mechanism
Instruction-only skill with no install spec and no code files. This is lowest-risk from an install perspective (nothing is downloaded or written by an install step).
Credentials
The skill does not declare required env vars but references TELEPORT_PROXY as a precedence source. It will read sensitive local identity material (Machine ID bundles) from the user's workspace — that is necessary for its function, but users should understand the agent will access those files. No unrelated credentials or remote endpoints are requested.
Persistence & Privilege
always is false and the skill does not request system-wide privileges or modify other skills. It does persist the proxy address to ~/.openclaw/workspace/tbot/proxy, which is reasonable for a client helper. Note: the skill can be invoked autonomously by the agent (disable-model-invocation is false) — combined with access to identity files this increases what the agent could do if misused, but that is normal for skills and not in itself an inconsistency.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install teleport-tsh-ssh - 安装完成后,直接呼叫该 Skill 的名称或使用
/teleport-tsh-ssh触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of teleport-tsh-ssh: Provides standardized workflows for accessing Teleport-managed SSH nodes via tsh with a Machine ID identity file and explicit proxy resolution.
- Supports connecting to Teleport hosts, running remote commands, node discovery, and file transfers using tsh with `-i <identity>` and `--proxy=<proxy>`.
- Implements robust identity file discovery and proxy resolution, with user prompts and fallbacks.
- Provides troubleshooting guidance for common Teleport CLI and access errors.
- Designed to complement the teleport-tbot-bootstrap skill for Machine ID setup.
- Focused on SSH workflows; does not cover app, DB, or Kubernetes access.
- Adds proxy resolution order: TELEPORT_PROXY → saved proxy file → prompt user
- Supports node discovery via `tsh ls`
- Supports command execution via `tsh ssh <host> <cmd>`
• Supports file transfer patterns via `tsh scp`
• Includes practical troubleshooting flow for common Teleport errors
元数据
常见问题
Teleport tsh SSH (Identity-First SSH Access, no passwords/static keys) 是什么?
Use Teleport tsh CLI with a Machine ID (tbot) identity file to SSH into Teleport-managed hosts or run remote commands through Teleport access controls. Trigg... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 238 次。
如何安装 Teleport tsh SSH (Identity-First SSH Access, no passwords/static keys)?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install teleport-tsh-ssh」即可一键安装,无需额外配置。
Teleport tsh SSH (Identity-First SSH Access, no passwords/static keys) 是免费的吗?
是的,Teleport tsh SSH (Identity-First SSH Access, no passwords/static keys) 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Teleport tsh SSH (Identity-First SSH Access, no passwords/static keys) 支持哪些平台?
Teleport tsh SSH (Identity-First SSH Access, no passwords/static keys) 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Teleport tsh SSH (Identity-First SSH Access, no passwords/static keys)?
由 webvictim(@webvictim)开发并维护,当前版本 v1.0.0。
推荐 Skills