Cockpit 322
Cockpit is the modern Linux admin interface. We release regularly.
Here are the release notes from Cockpit 322 and cockpit-files 5:
Shell: Deprecate host switching
The “host switcher” at the top-left corner of Cockpit enables connections to multiple machines using SSH, runs a Cockpit session on each connected machine, and lets you switch between them.
Although this feature is useful, when numerous hosts are active, they can potentially interact with each other in ways that might not be expected within an SSH trust boundary. For example, when connecting to an untrusted host from another host, it’s assumed that the untrusted host should not have access or control over the originating host. However, due to web technology limitations, hosts may affect one another through direct remote channels, iframe traversal, cache poisoning, and other means.
After several months of research into current web technologies, we found no way to prevent these concerns. Therefore, the Cockpit team intends to disable the host switcher feature.
As a first step, the host switcher will be disabled by default in:
- Fedora 41 and later
- Debian Unstable and Testing
- CentOS Stream 10
- Red Hat Enterprise Linux 10
- Arch Linux
The host switcher will stay as-is in current stable Linux distributions. This includes Red Hat Enterprise Linux 9, CentOS Stream 9, Fedora 39 and 40, Debian 12 “Bookworm”, and Ubuntu 22.04 LTS and 24.04 LTS.
Alternatives
-
The login page offers a “Connect to:” field which will directly connect to another host using SSH. This is safe as long as you only connect to a single host within a browser session. This will always be supported. However, this only supports user/password or Kerberos authentication, not SSH keys.
-
On a Linux desktop, consider using the Cockpit Client flatpak. It supports password and SSH key authentication to any SSH host and can even provide a Cockpit session for machines which don’t have any Cockpit packages installed.
-
For custom pages that use channels (commands, file operations, D-Bus calls, etc.) on a remote machine, use the cockpit-connect-ssh library to set up the SSH connection instead of relying on the host switcher.
Mitigation
In the short term, you can re-enable host switcher functionality with
the AllowMultiHost
option in
cockpit.conf:
[WebService]
AllowMultiHost=yes
Files: Permissions column in details view
A sortable permissions column is now available in the details view. It shows permissions grouped by who it applies to and further explains permissions using tooltips.
Try it out
Cockpit 322 is available now: