HPE Community
Operating System - Linux
1829103 Members
2934 Online
109986 Solutions
New Discussion

Re: Control the telnet sessions

 
SOLVED
Go to solution
peterchu
Super Advisor

‎04-22-2004 09:08 PM

‎04-22-2004 09:08 PM

Control the telnet sessions

We have a RH Linux , and the users use telnet to access the system , how to control the no. of telnet to the system ? thx.
0 Kudos
Reply
7 REPLIES 7
Alexander Chuzhoy
Honored Contributor

‎04-22-2004 09:19 PM

‎04-22-2004 09:19 PM

Solution

Re: Control the telnet sessions

add a line
instance = 3
to a file /etc/xinetd.d/telnet to limit the telnet to allow 3 simultanious connections.
service xinetd restart mut be executed after changes in /etc/xinetd.d/telnet file
Reply
Stuart Browne
Honored Contributor

‎04-25-2004 11:19 AM

‎04-25-2004 11:19 AM

Re: Control the telnet sessions

That will control the total number of telnet instances, not per user.

On a per-user basis, you'd best either use one of the funky scripts provided in various other threads on the same subject, or use pam to do the limiting in '/etc/pam.d/login':

session required /lib/security/pam_limits.so

And in '/etc/security/limits.conf' have an entry similar to:

* - maxlogins 3

To limit all users (except 'root' (or other UID 0 users)) to 3 simultaneous logins per user.
One long-haired git at your service...
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎04-25-2004 11:58 AM

‎04-25-2004 11:58 AM

Re: Control the telnet sessions

Excellent solutions Stuart.

I would add the following advice:

Drop telnet.

User authentication is happening in clear text. Even the root users password is easily sniffed by ethereal or a program that a user can bring in on a diskette or keychain drive.

Linux ships with openssh which includes ssh a telnet replacement with secure authentication.

A free windows version is at http://www.networksimplcity.com

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Reply
Stuart Browne
Honored Contributor

‎04-25-2004 12:50 PM

‎04-25-2004 12:50 PM

Re: Control the telnet sessions

And the pam solution is portable to SSH too ;P Just use '/etc/pam.d/sshd' :)
One long-haired git at your service...
Reply
peterchu
Super Advisor

‎04-25-2004 01:42 PM

‎04-25-2004 01:42 PM

Re: Control the telnet sessions

thx replied , I treid to modify the file "/etc/xinetd.d/telnet"

the file as below now :
# default: on
# description: The telnet server serves telnet sessions; it uses \
# unencrypted username/password pairs for authentication.
service telnet
{
disable = no
flags = REUSE
socket_type = stream
wait = no
user = root
server = /usr/sbin/in.telnetd
log_on_failure += USERID
instances = 200
}

but the user telnet still can over 200 , could suggest what is wrong ?
0 Kudos
Reply
Stuart Browne
Honored Contributor

‎04-25-2004 02:04 PM

‎04-25-2004 02:04 PM

Re: Control the telnet sessions

Did you re-start (or re-load) 'xinetd' after modifying '/etc/xinetd.d/telnet' ?

The command 'service xinetd reload' should be sufficient.

Setting it to 200 should mean that you can have 200 actively-used telnet sessions at any given moment.

My small-scale test (instances = 5) works, forcibly dropping any excess session attempts.
One long-haired git at your service...
Reply
peterchu
Super Advisor

‎04-25-2004 07:03 PM

‎04-25-2004 07:03 PM

Re: Control the telnet sessions

very thanks, it is OK after restart the service , I missed the previous message from Alex .
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.