Customer Overview
The customer operates a mission-critical blockchain infrastructure built on the Polygon ecosystem. The infrastructure is hosted across two cloud hosting providers—Hetzner and Contabo—to ensure high availability, redundancy, and operational resilience. Due to the sensitive nature of blockchain operations, securing infrastructure access while maintaining operational efficiency was a top priority.
Challenge
As the blockchain infrastructure expanded, managing administrator access across multiple servers became increasingly complex. The existing SSH-based access model lacked centralized control, creating security and operational challenges.
Public SSH Access: Every server was assigned a public IP address, allowing administrators to connect directly over SSH, increasing the infrastructure’s exposure to potential attacks.
Decentralized User Management: User accounts were manually created and managed on each individual Linux server, making onboarding, offboarding, and access modifications time-consuming and error-prone.
No Centralized Identity & Access Management: There was no unified platform to manage administrator identities, roles, or permissions across the infrastructure.
Limited Audit Visibility: SSH sessions and administrative activities were not centrally logged, making security investigations and compliance reporting difficult.
Operational Overhead: Managing SSH keys, user accounts, and server-level permissions across multiple hosting providers required significant manual effort.
Lack of Zero Trust Security: Infrastructure access relied on traditional network-based trust rather than identity verification, increasing security risks for production blockchain environments.
Compliance Requirements: The organization required a solution capable of providing comprehensive audit logs, session recording, and controlled privileged access to support internal security governance and audit requirements.
Solution
As the technology partner, Techpartner designed and implemented a centralized Zero Trust access management solution using Teleport, providing secure, identity-based access across the customer’s blockchain infrastructure.
The following solutions were delivered by Techpartner to strengthen infrastructure security and simplify access management:
Centralized Access Management: Techpartner deployed a centralized Teleport cluster to manage administrative access across all Linux servers hosted on Hetzner and Contabo.
Identity-Based Authentication: Traditional SSH key-based access was replaced with Teleport’s identity-driven authentication mechanism, ensuring every administrator was authenticated before accessing production systems.
Role-Based Access Control (RBAC): Techpartner configured RBAC policies to provide administrators with only the permissions required for their respective responsibilities, following the Principle of Least Privilege.
Secure Certificate-Based Authentication: Long-lived SSH keys were replaced with short-lived certificates issued by Teleport, significantly reducing the risk of credential compromise.
Centralized User Lifecycle Management: User provisioning, role assignment, and access revocation were centralized through Teleport, eliminating the need to manage user accounts individually on every server.
Session Recording & Audit Logging: Techpartner enabled complete session recording and centralized audit logs, providing full visibility into administrator activities for security monitoring and compliance purposes.
Zero Trust Architecture: Every administrative connection was authenticated, authorized, and verified before access was granted, removing implicit trust based solely on network connectivity.
Architecture Diagram
Third-Party Tools Integrated

Teleport
Techpartner implemented Teleport as the centralized Identity and Access Management (IAM) platform, providing secure SSH access, certificate-based authentication, role-based access control, session recording, and comprehensive audit logging.
Security Approach
Techpartner implemented a modern Zero Trust security architecture focused on identity, access control, and operational visibility.
Centralized Identity & Access Management
All administrator access was consolidated into a single platform, allowing centralized authentication, authorization, and user lifecycle management across servers hosted on multiple cloud providers.
Zero Trust Access
Every administrative session required identity verification and authorization before access was granted. This eliminated implicit trust associated with direct SSH access and significantly strengthened infrastructure security.
Least Privilege Access Control
Role-Based Access Control (RBAC) policies were implemented to ensure administrators received only the minimum permissions necessary to perform their operational tasks.
Comprehensive Audit & Compliance
Session recording and centralized audit logging were enabled to capture every administrative login, command execution, and access event, providing complete traceability for security reviews and compliance audits.
Reduced Attack Surface
By routing administrative access through Teleport instead of relying on direct public SSH access, the overall infrastructure attack surface was significantly reduced while maintaining secure operational access.
Business & Technical Impact
- Centralized administrator access across Hetzner and Contabo infrastructure.
- Eliminated manual server-by-server user management.
- Improved visibility through centralized audit logs and session recording.
- Strengthened infrastructure security using Zero Trust principles.
- Simplified administrator onboarding and offboarding processes.
- Reduced risks associated with long-lived SSH keys through certificate-based authentication.
- Improved compliance readiness with complete administrative activity tracking.
- Established a scalable and secure access management platform capable of supporting future infrastructure growth.





