Chapter 28. Managing remote systems in the web console

Connect to the remote systems and manage them in the RHEL 8 web console.

The following chapter describes:

  • The optimal topology of connected systems.
  • How to add and remove remote systems.
  • When, why, and how to use SSH keys for remote system authentication.

Prerequisites

  • Opened the SSH service on remote systems.

28.1. Remote system manager in the web console

Using the RHEL 8 web console to manage remote systems in the network requires considering the topology of connected servers.

For optimal security, Red Hat recommends the following connection setup:

  • Use one system with the web console as a bastion host. The bastion host is a system with opened HTTPS port.
  • All other systems communicate through SSH.

With the web interface running on the bastion host, you can reach all other systems through the SSH protocol using port 22 in the default configuration.

RHEL Cockpit ManagingSystems 484190 0119

28.2. Adding remote hosts to the web console

This section helps you to connect other systems with a user name and password.

Prerequisites

Procedure

  1. In the RHEL 8 web console, click on your username@hostname in the top left corner of the Overview page.

    cockpit username dropdown

  2. In the drop down menu, click the Add new host button.

    cockpit add new host

  3. In the Add new host dialog box, specify the host you want to add.
  4. (Optional) Add the user name for the account to which you want to connect.

    You can use any user account of the remote system. However, if you use credentials of a user account without administration privileges, you will not be able to perform administration tasks.

    If you use the same credentials as for your local system, the web console will authenticate remote systems automatically every time you log in. However, using the same credentials on more machines could be a potential security risk.

  5. (Optional) Click the Color field to change the color of the system.
  6. Click Add.

    The new host will appear in the list of hosts in the username@hostname drop down menu.

Note

The web console does not save passwords used to log in to remote systems which means that you have to log in again after each system restart. Next time you log in, click the Log in button placed on the main screen of the disconnected remote system to open the login dialog.

cockpit not connected to host

28.3. Removing remote hosts from the web console

This section guides you on removing other systems from the web console.

Prerequisites

Procedure

  1. Log in to the RHEL 8 web console.
  2. Click on your username@hostname in the top left corner of the Overview page.

    cockpit username dropdown

  3. Click the Edit Server icon.

    cockpit edit hosts

  4. To remove a host from web console, click the red minus sign button next to its host name. Note that you cannot remove a host you are currently connected to.

    cockpit remove host

As a result, the server is removed from your web console.

28.4. Enabling ssh login for a new host

When you add a new host you can also log into it with an ssh key. If you already have an ssh key on your system, the web console will use the existing one; otherwise, the web console can create a key.

Prerequisites

Procedure

  1. In the RHEL 8 web console, click on your username@hostname in the top left corner of the Overview page.

    cockpit username dropdown

  2. In the drop down menu, click the Add new host button.

    cockpit add new host

  3. In the Add new host dialog box, specify the host you want to add.
  4. Add the user name for the account to which you want to connect.

    You can use any user account of the remote system. However, if you use credentials of a user account without administration privileges, you will not be able to perform administration tasks.

  5. (Optional) Click the Color field to change the color of the system.
  6. Click Add.

    A new dialog window will appear asking for a password.

  7. Enter the user account password.
  8. Check Authorize ssh key if you already have an ssh key.

    cockpit authorize ssh key

  9. Check Create a new SSH key and authorize it if you do not have an SSH key. The web console will create it for you.

    cockpit ssh key add from login

    1. Add a password for the SSH key.
    2. Confirm the password.
  10. Click Log in

    The new host will appear in the list of hosts in the username@hostname drop down menu.

Verification steps

  1. Log out.
  2. Log back in.
  3. Click Log in in the Not connected to host screen.
  4. Select SSH key as your authentication option.

    cockpit ssh login dialog
  5. Enter your key password.
  6. Click Log in.