I need to secure Cockpit Access via ssh tunnel and block a password-supported root login in its web interface.
Referring to the Fedora docs under section 7 “Securing Cockpit Access”, could you step through what goes into <host.example.com> and how to set up ssh tunnel?
Fair enough, I would go through the process for local port forwarding (-L option). When relevant to my use case, I should leave the final results here. Until then I’ll keep this open.
Thanks.
My goal is to restrict Cockpit access just to my login and the computer that runs ssh authenticated without a password, and block access from other IPs. This can be achieved through rich rules in firewallD.