If you've ever used Cockpit you might know of the different authentication methods it currently supports. It can be pretty much anything, such as username and password, Kerberos, public keys, single sign-on, or smart cards. But given the nature of Cockpit being a web-based interface we can only support public key authentication through our Flatpak package called Cockpit Client as browsers themselves are sandboxed and can't access your system keys.

I dislike password authentication when SSHing into a machine but need it for Cockpit access through the browser. Let's see if passkeys can save the day with the help of sssd and FreeIPA!

Cockpit is a web-based graphical interface for server management of a variety of Linux distributions. Our modifications of the system are made using system APIs and commands with our authentication functioning in the same way with the help of PAM modules.

https://cockpit-project.org/ https://sssd.io/ https://www.freeipa.org/page/Main_Page https://flathub.org/en/apps/org.cockpit_project.CockpitClient