Introduction:
Managing Linux servers traditionally requires deep command-line expertise, which is a barrier for many IT professionals and a source of operational friction. Cockpit is a web-based interface that bridges the gap between visual management and terminal-level control, offering system administrators a secure, intuitive platform to monitor and configure infrastructure from any browser. This open-source tool, which runs on port 9090 with mandatory TLS encryption, is rapidly becoming essential for DevOps teams and security professionals seeking to streamline operations without compromising on security or functionality.
Learning Objectives:
- Master the installation and initial configuration of Cockpit across major Linux distributions
- Implement security hardening techniques including SELinux integration and certificate-based authentication
- Leverage Cockpit’s advanced features for network management, storage administration, and real-time system monitoring
You Should Know:
1. Installing Cockpit and Enabling Secure First Access
Cockpit’s modular architecture makes it available in default repositories of most enterprise Linux distributions. The installation process is straightforward, but proper initial configuration ensures secure remote access. Start by installing the cockpit package along with its core modules:
For RHEL, CentOS, Fedora, or Rocky Linux:
```bash
sudo dnf install cockpit -y
sudo systemctl enable --now cockpit.socket
```
For Debian, Ubuntu, or Kali Linux:
```bash
sudo apt update
sudo apt install cockpit -y
sudo systemctl enable --now cockpit.socket
```
After installation, verify the service status and open the firewall port:
```bash
sudo systemctl status cockpit.socket
sudo firewall-cmd --add-service=cockpit --permanent
sudo firewall-cmd --reload
```
If using UFW on Debian-based systems: `sudo ufw allow 9090/tcp`
Access Cockpit by navigating to `https://your-server-ip:9090` in any modern browser. The default authentication uses local system credentials—never expose this port directly to the internet without additional security layers.
2. Advanced Security Hardening with SELinux and TLS
Cockpit’s security architecture is its strongest asset, but default configurations require additional hardening for production environments. The tool integrates natively with SELinux, which should remain in enforcing mode to prevent privilege escalation attacks. Cockpit-ws isolates each session with unique certificates, and all traffic is encrypted by default, but you can enhance security by implementing custom certificates and multi-factor authentication.
To replace the default self-signed certificate with a CA-signed one:
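```bash
sudo mkdir -p /etc/cockpit/ws-certs.d
# Cockpit pairs a certificate with the .key file that has the same base name,
# so give both files a matching destination name (50-custom is a placeholder).
sudo cp your-certificate.crt /etc/cockpit/ws-certs.d/50-custom.crt
sudo cp your-private-key.key /etc/cockpit/ws-certs.d/50-custom.key
sudo systemctl restart cockpit
```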
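A pre-restart check for the certificate directory, as an added example that is not from the original page or the Cockpit project. It assumes Cockpit's documented selection rule (the alphabetically last `.cert`/`.crt` file, with the private key in a same-named `.key` file); the function names and the scratch-directory file names are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example (not from the original page or the Cockpit project).
# Assumption, per Cockpit's documented behaviour: cockpit-ws uses the
# alphabetically last *.cert / *.crt file in ws-certs.d and reads the private
# key from a file with the same base name and a .key suffix.

# Print the certificate file that would be selected from directory $1.
selected_cert() {
    find "$1" -maxdepth 1 ! -type d \( -name '*.cert' -o -name '*.crt' \) \
        2>/dev/null | LC_ALL=C sort | tail -n 1
}

# Print a one-line verdict for directory $1; return non-zero on any problem.
audit_ws_certs() {
    local cert key mode
    cert=$(selected_cert "$1")
    [ -n "$cert" ] || { echo "no-certificate"; return 1; }
    key="${cert%.*}.key"
    [ -f "$key" ] || { echo "missing-key:${key##*/}"; return 1; }
    mode=$(stat -L -c '%a' "$key")       # octal mode such as 600
    case "$mode" in
        *[1-7]) echo "key-world-accessible:$mode"; return 1 ;;
    esac
    echo "ok:${cert##*/}"
}

# Constructed demo: empty placeholder files in a scratch directory.
demo=$(mktemp -d)
touch "$demo/0-self-signed.cert" "$demo/0-self-signed.key"
touch "$demo/your-certificate.crt" "$demo/your-private-key.key"
audit_ws_certs "$demo" || true     # missing-key:your-certificate.key
mv "$demo/your-private-key.key" "$demo/your-certificate.key"
chmod 600 "$demo/your-certificate.key"
audit_ws_certs "$demo"             # ok:your-certificate.crt
rm -rf "$demo"
```

On a real host, run `audit_ws_certs /etc/cockpit/ws-certs.d` as root before restarting the service.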
For Kerberos SSO integration, configure Cockpit to use GSSAPI authentication:
```bash
sudo cockpit-bridge --privileged --interact=false &
```
Verify SELinux context on Cockpit files:
```bash
ls -Z /usr/libexec/cockpit-ws
sudo restorecon -v /etc/cockpit/ws-certs.d/
```
3. Real-Time Monitoring and Performance Metrics
Cockpit integrates with Performance Co-Pilot (PCP) to deliver granular system metrics. The dashboard provides instant visibility into CPU, memory, disk I/O, and network activity. For advanced visualization, Cockpit can export metrics directly to Grafana, creating enterprise-grade monitoring dashboards without additional agents.
Install PCP and enable historical data collection:
```bash
sudo dnf install pcp pcp-system-tools -y   # RHEL-based
sudo apt install pcp -y                    # Debian-based
sudo systemctl enable --now pmcd pmlogger
```
To extend monitoring to Grafana, configure the Grafana data source to point to Cockpit’s PCP metrics endpoint. Cockpit’s API allows embedding these visualizations into custom dashboards using its JavaScript API. Access the API documentation directly from your Cockpit instance at `https://your-server:9090/cockpit/`.
4. Network Management and Firewall Configuration
Network administration through Cockpit provides visual management of NetworkManager connections, bridging, bonding, and VLANs. The firewall management interface leverages Firewalld, allowing zone-based rules and rich rules without complex command-line syntax. This feature alone can reduce misconfigurations that often lead to security breaches.
To create a new bonded interface through Cockpit:
1. Navigate to Networking → Network Interfaces
2. Click “Add Bond”
3. Select slave interfaces and bonding mode (balance-rr, active-backup, etc.)
4. Configure IP settings and apply
For CLI-equivalent operations:
```bash
sudo nmcli connection add type bond ifname bond0 mode active-backup
sudo nmcli connection add type ethernet ifname eth0 master bond0
sudo firewall-cmd --add-rich-rule='rule family=ipv4 source address=192.168.1.0/24 service name=ssh accept' --permanent
```
5. Storage Management with LVM and iSCSI
Cockpit’s storage module (storaged) provides enterprise-grade storage management including LVM volume groups, logical volumes, iSCSI targets, and multipath configurations. This visual interface simplifies complex storage operations that would otherwise require extensive command-line knowledge, reducing human error in critical infrastructure.
Create a new LVM logical volume via Cockpit:
1. Navigate to Storage → Storage Devices → Create LVM2 Volume Group
2. Select physical devices and assign volume group name
3. Create logical volumes with specific sizes and filesystems
Command-line verification:
```bash
sudo pvs   # Show physical volumes
sudo vgs   # Show volume groups
sudo lvs   # Show logical volumes
```
For iSCSI target configuration:
```bash
sudo yum install targetcli -y
sudo systemctl enable target
sudo firewall-cmd --add-service=iscsi-target --permanent
```
6. Service Management and System Updates
Systemd unit management through Cockpit enables administrators to start, stop, enable, and disable services with real-time log viewing. The package update interface shows available security updates and allows scheduled maintenance windows, ensuring critical patches aren’t overlooked. This centralized control is particularly valuable for compliance with security frameworks like CIS benchmarks.
View and manage failed systemd units:
1. Services tab displays all units with status indicators
2. Click on any service to view detailed logs (journalctl output)
3. Configure service overrides and environment variables
To enable automatic security updates:
```bash
sudo dnf install dnf-automatic -y   # RHEL-based
sudo systemctl enable --now dnf-automatic.timer
```
For Debian: `sudo dpkg-reconfigure --priority=low unattended-upgrades`
7. Web Terminal and API Integration
Cockpit’s embedded web terminal provides full shell access directly from the browser, preserving the power of command-line operations within the visual interface. For developers and automation engineers, Cockpit exposes a comprehensive JavaScript API that allows embedding Cockpit components into custom applications, enabling infrastructure-as-code workflows.
Launch the web terminal and execute privileged commands:
- Click the Terminal icon in the Cockpit interface
- Use sudo for privileged operations (requires password each time)
- Multiple tabs support simultaneous sessions
API usage example for monitoring CPU metrics:
```javascript
// Request the user and system CPU counters and log the first reply value.
cockpit.dbus("org.freedesktop.PCP", { path: "/org/freedesktop/PCP/Metrics" })
    .call("GetMetrics", [["kernel.all.cpu.user", "kernel.all.cpu.sys"]])
    .done(function(data) {
        console.log(data[0]);
    });
```
What Undercode Say:
- Cockpit transforms Linux server administration from a command-line-only discipline into a visual, accessible practice without sacrificing security—its TLS enforcement and SELinux integration set a standard for web-based admin tools.
- The tool’s modular design and complete JavaScript API make it ideal for embedding in custom portals, positioning Cockpit as a building block for modern infrastructure management platforms rather than just another admin GUI.
- While Cockpit simplifies operations, security professionals must remember that convenience can introduce risk; proper firewall restrictions, certificate management, and network segmentation are non-negotiable when deploying any web-accessible admin interface.
Prediction:
As organizations accelerate their digital transformation and adopt hybrid cloud architectures, web-based management interfaces like Cockpit will become the standard for day-to-day operations, with CLI reserved for automation and advanced troubleshooting. The increasing integration of Cockpit with container orchestration platforms and its potential for AI-driven predictive analytics suggests it will evolve beyond simple administration into a central component of autonomous infrastructure management, where security and usability converge to meet the demands of modern IT operations.
Reported By: Héctor Joaquín – Hackers Feeds


