linux可视化管理cockpit

作者
49 次阅读

本文最后更新于 2026年5月11日。

cockpit

我的centos没有这个工具,需要先安装
[root@racknerd-d17e8e opt]# systemctl start cockpit
Failed to start cockpit.service: Unit cockpit.service not found.
[root@racknerd-d17e8e opt]# yum install cockpit
Last metadata expiration check: 2:36:01 ago on Thu 14 Sep 2023 03:09:19 AM CDT.
Dependencies resolved.

安装完成后启动服务
查询开启的端口发现新出现了9090端口,所以服务启动成功
Complete!
[root@racknerd-d17e8e opt]# systemctl start cockpit
[root@racknerd-d17e8e opt]# ss -tuln
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
udp UNCONN 0 0 127.0.0.1:323 0.0.0.0:*
udp UNCONN 0 0 [::1]:323 [::]:*
tcp LISTEN 0 511 127.0.0.1:34273 0.0.0.0:*
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
tcp LISTEN 0 4096 *:9090 *:*
tcp LISTEN 0 128 [::]:22 [::]:*
tcp LISTEN 0 4096 *:27864 *:*
[root@racknerd-d17e8e opt]#

访问服务器的这个端口
107.174.250.116:9090

就能看到这个界面了

现在登录会提示用户名或密码错误

systemctl enable --now cockpit.socket
激活控制台
[root@racknerd-d17e8e opt]# systemctl enable --now cockpit.socket
Created symlink /etc/systemd/system/sockets.target.wants/cockpit.socket → /usr/lib/systemd/system/cockpit.socket.

其他设置中的connect to要写入ip地址
写localhost或者公网ip都可以
然后会弹出提示,接受即可
“`

New host

You are connecting to localhost for the first time.

To ensure that your connection is not intercepted by a malicious third-party, please verify the host key fingerprint:

SHA256:eHaHbZy3T1LlKz/uWBErzdf3EGViAo2JD44k5JQ5Dfo

(ecdsa-sha2-nistp256)

To verify a fingerprint, run the following on localhost while physically sitting at the machine or through a trusted network:

ssh-keyscan -t ecdsa-sha2-nistp256 localhost | ssh-keygen -lf –

The resulting fingerprint is fine to share via public methods, including email.

If the fingerprint matches, click “Accept key and log in”. Otherwise, do not log in and contact your administrator.
“`

但是会提示授权错误
## Authentication failed

查看状态
“`
[root@racknerd-d17e8e opt]# systemctl status cockpit.socket
● cockpit.socket – Cockpit Web Service Socket
Loaded: loaded (/usr/lib/systemd/system/cockpit.socket; enabled; vendor preset: disabled)
Active: active (running) since Thu 2023-09-14 05:47:06 CDT; 15min ago
Until: Thu 2023-09-14 05:47:06 CDT; 15min ago
Triggers: ● cockpit.service
Docs: man:cockpit-ws(8)
Listen: [::]:9090 (Stream)
Tasks: 0 (limit: 4698)
Memory: 1.1M
CPU: 29ms
CGroup: /system.slice/cockpit.socket

Sep 14 05:47:06 racknerd-d17e8e systemd[1]: Starting Cockpit Web Service Socket…
Sep 14 05:47:06 racknerd-d17e8e systemd[1]: Listening on Cockpit Web Service Socket.
“`

晚上仔细一看下面这个文件
/etc/cockpit/disallowed-users

内容是
“`

List of users which are not allowed to login to Cockpit

root

“`

刚开始还没有发现异常,后面忽然注意到是not allowed,开始想当然的以为是allow。

注释成如下形式立即就可以访问了。

“`

List of users which are not allowed to login to Cockpit

230914 把root注释掉

root

“`

短短三天有一千多次攻击,大家一定注意服务器的安全设置。