Cockpit is the modern Linux admin interface. We release regularly.

Here are the release notes from Cockpit 290, cockpit-machines 288, and cockpit-podman 67:

webserver: Disallow direct URL logins with LoginTo=false

cockpit.conf has a LoginTo= option. This allows the admin to disable the login page’s “Connect to:” functionality for directly logging into a remote host through SSH. Setting it to false previously still left the possibility of a remote login through directly specifying an appropriate URL. With this Cockpit version, LoginTo=false disallows logins through remote URLs as well.

If cockpit-ws is exposed to the public internet, and also has access to a private internal network, it is recommended to explicitly set LoginTo=false. This prevents unauthenticated remote attackers from scanning the internal network for existing machines and open ports.

Machines: Indicate need for shutdown

The VM list and detail pages now display a “changes pending” status label to indicate that the VM needs to be shut down for recent configuration changes to take effect. Clicking the label lists the specific changes.

Machines: Delete storage file when detaching disk

When detaching a disk from a VM, the underlying storage file can now be deleted as well.

Try it out

Cockpit 290 and cockpit-machines 288 are available now:

• For your Linux system

• Cockpit Client

• Cockpit Source Tarball
• Cockpit Fedora 38
• Cockpit Fedora 37
• cockpit-machines Source Tarball
• cockpit-machines Fedora 38
• cockpit-machines Fedora 37
• cockpit-podman Source Tarball
• cockpit-podman Fedora 38
• cockpit-podman Fedora 37