LinuxCommandLibrary

cockpit-bridge

Connect Cockpit web interface to system services

TLDR

List all cockpit packages

$ cockpit-bridge --packages
copy

Display help
$ cockpit-bridge --help
copy

SYNOPSIS

cockpit-bridge [OPTIONS]

PARAMETERS

--port PORT
    Specifies the port number for the bridge to listen on. Defaults to a dynamically assigned port.

--protocol PROTOCOL
    Specifies the protocol to use for the connection (e.g., ws, wss). Defaults to wss (secure websocket).

--address ADDRESS
    Specifies the address to bind to. Defaults to localhost (127.0.0.1).

--origin ORIGIN
    Specifies the origin(s) to allow for Cross-Origin Resource Sharing (CORS). Use '*' to allow all origins (not recommended for production).

--help
    Displays a help message.

DESCRIPTION

The cockpit-bridge command facilitates communication between the Cockpit web interface and the managed hosts. It acts as a proxy, allowing the web browser to access and manage resources on remote machines. It allows Cockpit to connect to multiple machines from a single web interface. This command is usually automatically started by systemd when Cockpit is accessed through a web browser.

It handles authentication with the managed hosts, ensures secure communication, and translates requests between the web interface and the target system's API. This ensures only authenticated and authorized users can administer the remote hosts. cockpit-bridge plays a crucial role in enabling centralized management of servers and virtual machines through Cockpit.

CAVEATS

The cockpit-bridge command is intended to be managed by Cockpit and systemd. Manually running or modifying its behavior outside of that context may lead to unexpected results or security vulnerabilities. Direct manipulation of the port or origin parameters should be done with extreme care and a strong understanding of the security implications.

AUTHENTICATION

cockpit-bridge handles authentication against the target host using PAM (Pluggable Authentication Modules). This allows Cockpit to leverage existing authentication mechanisms configured on the system.

SECURITY

Security is a primary concern. cockpit-bridge encrypts all traffic between the web browser and the managed hosts using TLS/SSL. CORS (Cross-Origin Resource Sharing) is employed to restrict access to the bridge from unauthorized web origins.

SEE ALSO

cockpit(1), systemd(1)

Copied to clipboard