HPE Community
Operating System - Linux
1840122 Members
2915 Online
110161 Solutions
New Discussion

getting error message while trying to telnet to rhel 5.2 server

 
SOLVED
Go to solution
Aabarnam
New Member

‎02-18-2011 04:41 AM

‎02-18-2011 04:41 AM

getting error message while trying to telnet to rhel 5.2 server

dear all

when i am trying to telnet into a rhel 5.2 server i am getting the following error message.

getnameinfo: localhost: Success
Temporary failure in name resolution: illegal seek
Connection to host lost:

But if i am putting the client ip address entry in /etc/hosts file, it is working fine. I am also not able to login using root while telnetting into the same machine. Please give me the reason why i am not able to login using root through telnet and also give solution for the above problem.

Regards
Aabarnam.S
0 Kudos
Reply
3 REPLIES 3
Matti_Kurkela
Honored Contributor

‎02-20-2011 05:18 AM

‎02-20-2011 05:18 AM

Solution

Re: getting error message while trying to telnet to rhel 5.2 server

Reverse DNS lookup failure.

When you're telnetting to your server, the telnetd process on the server only sees the IP address of the client. It needs to convert it to a hostname to write the proper session records to /var/run/utmp and /var/log/wtmp. So it must find a name that corresponds to the client's IP address. This is called a "reverse DNS lookup".

Telnetting as root is prevented by the pam_securetty PAM module: since you're not logging in from the system console, using the "root" account to login is not allowed. You must use your personal user account to log in, and then use "su", "sudo" or equivalent command to get root access.

Using telnet to log in as root is very bad practice in two ways:
- The telnet protocol is not encrypted, so anyone listening to the network traffic can easily capture your root password.
- If more than one person knows the root password, there will be no record to identify which of them logged in. If your system is in a bank, a phone company or in some other way involved with people's personal information, money or other vital things, this is likely to be a clear violation of legal requirements (failure of accountability, who-did-what-when). If your system is not that important, it still allows one sysadmin to blame another for his/her own mistakes.

If you use SSH instead of telnet, logging in as root is allowed by RHEL 5.2 defaults. While it's still a bad practice, at least it isn't so horribly insecure as using telnet.

MK
MK
Reply
Aabarnam
New Member

‎02-20-2011 06:51 AM

‎02-20-2011 06:51 AM

Re: getting error message while trying to telnet to rhel 5.2 server

Hai

thanks for the reply.

Is there any ways to disable the reverse DNS lookup or we have to add all the client's IP address to /etc/hosts file.

Aabarnam
0 Kudos
Reply
Matti_Kurkela
Honored Contributor

‎02-21-2011 12:09 AM

‎02-21-2011 12:09 AM

Re: getting error message while trying to telnet to rhel 5.2 server

Instead of adding all your clients to /etc/hosts, have your DNS server administrator fix the reverse DNS records (record type PTR). Since they are completely separate from regular A records, many DNS administrators may neglect keeping them up-to-date.

There are several free tools and scripts for updating the reverse DNS records automatically - but since they are not always applicable to all sites and situations, they are often not integrated to the DNS server itself, and the DNS administrator must specifically install/enable them if s/he wants to use them.

MK
MK
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.