Cockpit 290
Cockpit is the modern Linux admin interface. We release regularly.
Here are the release notes from Cockpit 290, cockpit-machines 288, and cockpit-podman 67:
webserver: Disallow direct URL logins with LoginTo=false
cockpit.conf has a LoginTo= option. This allows the admin to disable the login page’s “Connect to:” functionality for directly logging into a remote host through SSH. Setting it to false previously still left the possibility of a remote login through directly specifying an appropriate URL. With this Cockpit version, LoginTo=false disallows logins through remote URLs as well.
If cockpit-ws is exposed to the public internet, and also has access to a private internal network, it is recommended to explicitly set LoginTo=false. This prevents unauthenticated remote attackers from scanning the internal network for existing machines and open ports.
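One way to check a host for the recommended setting, as an added example that is not part of the Cockpit release notes or the Cockpit code base. It assumes the option lives in the [WebService] section of /etc/cockpit/cockpit.conf, that key names are case-sensitive, and that only a literal "false" counts as an explicit disable; the function names and sample configs are constructed for illustration.

```python
import configparser

# Constructed sample configs (not taken from a real host).
SAMPLE_HARDENED = """\
[WebService]
Origins = https://cockpit.example.test
LoginTo = false
"""
SAMPLE_UNSET = """\
[WebService]
Origins = https://cockpit.example.test
"""
SAMPLE_ENABLED = """\
[WebService]
LoginTo = true
"""

def audit_login_to(conf_text):
    """Classify the [WebService] LoginTo setting in cockpit.conf text.

    Returns "disabled" when LoginTo is explicitly false, "unset" when the
    key is absent, and "review" for any other value or an unparsable file.
    """
    parser = configparser.ConfigParser(interpolation=None, strict=False)
    parser.optionxform = str  # assumption: keys are case-sensitive, keep CamelCase
    try:
        parser.read_string(conf_text)
    except configparser.Error:
        return "review"  # malformed file: needs a human to look at it
    if not parser.has_option("WebService", "LoginTo"):
        return "unset"
    value = parser.get("WebService", "LoginTo").strip().lower()
    return "disabled" if value == "false" else "review"

def audit_file(path="/etc/cockpit/cockpit.conf"):
    """Audit a cockpit.conf on disk; a missing file counts as "unset"."""
    try:
        with open(path, encoding="utf-8") as fh:
            return audit_login_to(fh.read())
    except FileNotFoundError:
        return "unset"

if __name__ == "__main__":
    print(audit_file())
```

On a cockpit-ws host that is reachable from the internet and also sits on an internal network, any result other than "disabled" means the recommendation above has not been applied.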
Machines: Indicate need for shutdown
The VM list and detail pages now display a “changes pending” status label to indicate that the VM needs to be shut down for recent configuration changes to take effect. Clicking the label lists the specific changes.
Machines: Delete storage file when detaching disk
When detaching a disk from a VM, the underlying storage file can now be deleted as well.
Try it out
Cockpit 290 and cockpit-machines 288 are available now: