While I am using cockpit every time I need to remotely manage the machines, I couldn't get it to log me in via something other than user's login/password, which are not that safe, and it listens to 0.0.0.0 by default too.
So I have to ssh into machine, start cockpit service, use it, and then stop the cockpit.socket once I finish.
Would be great to have something which has its own users/passwords (to have strong password in bitwarden) and doesn't listen to 0.0.0.0 by default. If it's also lightweight – even better!
Yes but if there's going to be something lightweight and correct-by-default I'd prefer that, mostly because I have many machines to manage and a team of people to educate. I'd like default to be good instead of wasting time and risking.
Can you explain a bit more? The user passwords are inherently not strong enough so I disable all ssh via password and only use private keys (id_ed25519). If cockpit allowed me to use one I'd be ok, but if they don't – I at least want some scary auto-generated password only for cockpit, not the system user's one (which is often very weak).
Yes but if there's going to be something lightweight and correct-by-default I'd prefer that, mostly because I have many machines to manage and a team of people to educate. I'd like default to be good instead of wasting time and risking.
So I have to ssh into machine, start cockpit service, use it, and then stop the cockpit.socket once I finish.
Would be great to have something which has its own users/passwords (to have strong password in bitwarden) and doesn't listen to 0.0.0.0 by default. If it's also lightweight – even better!