Telnet : Telnet is a program that allows users to log into your server and get a command prompt just as if they were logged into the VGA console,One of the disadvantages of Telnet is that the data is sent as clear text. This means that it is possible for someone to use a network analyzer to peek into your data packets and see your username and password.
chargen-stream echo-dgram klogin tcpmux-server
daytime-dgram echo-stream krb5-telnet telnet
daytime-stream eklogin kshell tftp
discard-dgram ekrb5-telnet rmcp time-dgram
{
flags = REUSE
socket_type = stream
wait = no
user = root
server = /usr/sbin/in.telnetd
log_on_failure += USERID
disable = no
}
Take note disable should be set as no.
[root@xnetbd xinetd.d]# /etc/init.d/xinetd restart
Configure Telnet for root logins : Simply edit the file
console
[root@xnetbd ~]# yum install telnet
Loaded plugins: rhnplugin, security
Repository rhel-debuginfo is listed more than once in the configuration
This system is not registered with RHN.
RHN support will be disabled.
rhel-debuginfo | 951 B 00:00
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package telnet.i386 1:0.17-39.el5 set to be updated
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
telnet i386 1:0.17-39.el5 rhel-debuginfo 57 k
Transaction Summary
================================================================================
Install 1 Package(s)
Update 0 Package(s)
Remove 0 Package(s)
Total download size: 57 k
Is this ok [y/N]: y
Downloading Packages:
telnet-0.17-39.el5.i386.rpm | 57 kB 00:00
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : telnet 1/1
Installed:
telnet.i386 1:0.17-39.el5
Complete!
To set up a Telnet server use the
chkconfig
command to activate Telnet.[root@bigboy tmp]# chkconfig telnet on
You can also use the
chkconfig --list
command to verify that telnet will be started on the next reboot. [root@bigboy tmp]# chkconfig --list | grep telnet
telnet: on
Use the chkconfig command to deactivate telnet, even after the next reboot.
[root@bigboy tmp]# chkconfig telnet off
You can test whether the Telnet process is running with the following command which is used to check the TCP/UDP ports on which your server is listening, if it isn't running then there will be no response.
You can test whether the Telnet process is running with the following command which is used to check the TCP/UDP ports on which your server is listening, if it isn't running then there will be no response.
[root@bigboy tmp]# netstat -a | grep telnet
tcp 0 0 *:telnet *:* LISTEN
[root@xnetbd ~]# cd /etc/xinetd.d/
[root@xnetbd xinetd.d]# ls
chargen-dgram discard-stream gssftp rsync time-streamchargen-stream echo-dgram klogin tcpmux-server
daytime-dgram echo-stream krb5-telnet telnet
daytime-stream eklogin kshell tftp
discard-dgram ekrb5-telnet rmcp time-dgram
To run or enable the telnet service following file need to be edited.
[root@xnetbd xinetd.d]# vim /etc/xinetd.d/telnet
service telnet{
flags = REUSE
socket_type = stream
wait = no
user = root
server = /usr/sbin/in.telnetd
log_on_failure += USERID
disable = no
}
Take note disable should be set as no.
[root@xnetbd xinetd.d]# /etc/init.d/xinetd restart
Stopping xinetd: [ OK ]
Starting xinetd: [ OK ]
You can start/stop/restart xinetd after booting by using the following commands:
[root@bigboy tmp]# service xinetd start [root@bigboy tmp]# service xinetd stop [root@bigboy tmp]# service xinetd restart
To get xinetd configured to start at boot you can use the chkconfig command. [root@bigboy tmp]# chkconfig xinetd on
Configure Telnet for root logins : Simply edit the file
/etc/securetty
and add the following to the end of the file: Now before getting into the details of how to configure Red Hat Linux for root logins, keep in mind that this is VERY BAD security. Make sure that you NEVER configure your production servers for this type of login[root@xnetbd xinetd.d]# vim /etc/securetty
console
pts/0 pts/1 pts/2 pts/3 pts/4 pts/5 pts/6 pts/7 pts/8 pts/9
Let Telnet Allow Connections From Trusted Addresses :You can restrict telnet logins access to individual remote servers by using the only_from keyword in the telnet configuration file. Here's how.
Add a list of trusted servers to the /etc/xinetd.d/telnet file separated by spaces:
service telnet
{
flags = REUSE
socket_type = stream
wait = no
user = root
server = /usr/sbin/in.telnetd
log_on_failure += USERID
disable = no
only_from = 192.168.50.19 192.168.1.200
}