What’s the best practice for connecting a Raspberry Pi to an HDMI display, which should display a dashboard created in Cockpit without a user manually logging in? The dashboard should probably refresh every once in a while too, which leads to a worry that it goes back to the login screen.
I’ve thought about injecting JS into the browser that automates typing in a user/password into the login form, but this isn’t exactly secure. Any other implementations that have been done to reliably and securely keep a device displaying a Cockpit dashboard?
Putting on my Security hat, automated logins aren’t generally a good idea. That password has to be hard-coded somewhere and a competent penetration tester will discover that pretty quickly.
If one really wants to do that, I’d suggest being very specific about what the user has read-only rights to. It might be possible to have your PI have AD credentials, in which case you could integrate Single sign-on with the AD credentials of the Pi. It’s still auto-logging in, but at least your user just has to click one button.
It may be worthwhile to have SwAG design certificate-based authentication where a certificate can be used to log in.