How to secure Cockpit login with Google Two Factor Authenticator 2FA

Cockpit Google Two Factor Authenticator 2FA

Cockpit is a web-based graphical interface for servers, intended for everyone, especially those who are:

  • new to Linux (including Windows admins)
  • familiar with Linux and want an easy, graphical way to administer servers
  • expert admins who mainly use other tools but want an overview on individual systems

You can read more in How to install Cockpit on CentOS 7 / CentOS 9 Stream and configure Nginx reverse proxy.

Cockpit Login Page

How to install Google Two Factor Authenticator to secure Cockpit

# dnf install google-authenticator qrencode-libs

Libqrencode is a fast and compact library for encoding data in a QR Code symbol, a 2D symbology that can be scanned by handy terminals such as a mobile phone with CCD. The capacity of QR Code is up to 7000 digits or 4000 characters and has high robustness.

On CentOS, libqrencode is available in the qrencode-libs package.

Next, generate the secret key and recovery codes for the current user:

# google-authenticator -t -d -f -r 3 -R 30 -W

Then edit /etc/pam.d/cockpit

# vi /etc/pam.d/cockpit

And add the following line at the end of the file.

auth required pam_google_authenticator.so nullok

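nullok means that a user who has not set up 2FA yet (no .google_authenticator file in their home directory) can still log in. Once every account is enrolled, remove nullok so that the second factor is mandatory.

Restart Cockpit with the following command: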

# systemctl restart cockpit.socket

Now our Cockpit login is secured with Google Authenticator 2FA.

You can check the .google_authenticator file in your home directory. It contains the secret key and 5 recovery codes.

6RJYXWAV3QO3PVWSTVEW7MA4TE
" RATE_LIMIT 3 30 1693590532
" WINDOW_SIZE 3
" DISALLOW_REUSE 56483718
" TOTP_AUTH
16286074
83920070
30194106
64370332
42120293
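
Because nullok lets any account without a .google_authenticator file log in with a password alone, it helps to list which accounts are still unenrolled or have a secret file readable by other users. The following script is an added example, not part of the original post; the function name audit_2fa, the UID threshold of 1000 and the status labels are assumptions of this example.

```bash
#!/bin/sh
# Added example (not from the original page): list login accounts and their
# 2FA enrollment state while "nullok" is set in /etc/pam.d/cockpit.
# Usage (as root, so other users' files are readable):
#   audit_2fa              # reads /etc/passwd
#   audit_2fa /path/file   # any passwd-format file
audit_2fa() {
    local passwd_file user _pw uid _gid _gecos home shell f
    passwd_file="${1:-/etc/passwd}"
    while IFS=: read -r user _pw uid _gid _gecos home shell; do
        # Skip blank lines and comments.
        case "$user" in ""|\#*) continue ;; esac
        # Skip accounts that cannot log in interactively.
        case "$shell" in */nologin|*/false|"") continue ;; esac
        # Assumption of this example: human accounts are root or UID >= 1000.
        [ "$uid" -eq 0 ] || [ "$uid" -ge 1000 ] || continue
        f="$home/.google_authenticator"
        if [ ! -f "$f" ]; then
            # With nullok, this account logs in with a password only.
            echo "$user NOT_ENROLLED"
        elif [ "$(ls -ld "$f" | cut -c5-10)" != "------" ]; then
            # Group or other permission bits are set on the secret file.
            echo "$user BAD_PERMS"
        elif ! grep -q '^" TOTP_AUTH' "$f"; then
            # File exists but lacks the TOTP_AUTH option line.
            echo "$user NO_TOTP"
        else
            echo "$user ENROLLED"
        fi
    done < "$passwd_file"
}
```

Remove nullok only after every account you expect to use Cockpit reports ENROLLED.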

ServerDiary
