24Eki
Is accessing Cockpit through SSH tunnel secure?
I can't find a definite answer on accessing cockpit from outside machines securely. Just allowing it through the firewall like that doesn't seem safe. It only uses basic user and password authentication. I think cockpit uses fail2ban to protect against brute forcing password, but is that enough?
So I thought that SSHing into the machine over Internet and then forwarding 9090 port should work - it works for VNC after all. Or is it... is there any vulnerability I might be missing here? Is there perhaps a better way of accessing Cockpit remotely?
I'm running it on a home Ubuntu box.
