Cockpit makes Linux discoverable. But it's really a Linux session in a
web browser, accessing the native system APIs and tools directly from
javascript.
Does that sound scary? How can we be sure that accessing Linux from a
web browser is secure? What about the web server stack? What about
authentication and privilege escalation?
We'll talk about how Cockpit deals with security, authentication,
privilege escalation, and browser lock down. I'll show you various
techniques to tailor Cockpit's security options to your situation, like
using bastion hosts.