HPE Community
Operating System - Linux
1827741 Members
3134 Online
109969 Solutions
New Discussion

No new telnet sessions allowed ?

 
Al Licause
Trusted Contributor

‎10-10-2006 07:47 AM

‎10-10-2006 07:47 AM

No new telnet sessions allowed ?

Customer has about 61 or 62 people/sessions logged in using telnet and any new sessions simply get no prompt.

This is RHES V4.

tty.max is set to 4096 and the number of psuedo devices in /dev seems to be about 63.

In Tru64unix if this happens, we simply create more psuedo devices with /dev/MAKEDEV. It would appear you can do the same in linux with the MAKEDEV utility giving pty and tty as arguments in seperate commands. This creates several hundred new devices.

But the customer says they still can't telnet....no response. Only if someone logs out, can they start a new session.

So my question is, must the system be rebooted inorder for the kernel to see the new psuedo devices or are there any other parameters that need to be set ?

I don't yet know if there are any errors or other in the messags file, but I've asked the customer to check this.....any other ideas ?
0 Kudos
Reply
4 REPLIES 4
Ivan Ferreira
Honored Contributor

‎10-10-2006 07:55 AM

‎10-10-2006 07:55 AM

Re: No new telnet sessions allowed ?

First, as you use RHES V4, a very recent version, you should start by disabling legacy and insecure devices, such telnet and replace it by ssh.

Anyway, check the /etc/xinetd.d/telnet file:

service telnet
{
disable = no
instances = 100
flags = REUSE
socket_type = stream
wait = no
user = root
server = /usr/sbin/in.telnetd
log_on_failure =
log_on_success -= HOST

}

Look at the instances parameter. I think that telnet sessions uses /dev/pts/* files, what is the output of tty in a telnet session?
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
0 Kudos
Reply
Al Licause
Trusted Contributor

‎10-10-2006 08:23 AM

‎10-10-2006 08:23 AM

Re: No new telnet sessions allowed ?

Ivan...thanks yes, we're aware of the ssh and security issues which the customer will address at a later time. They simply wanted to get the system up and in production....unfortunately they didn't test this before going production.

I am having him send me the xinetd.d/telnet file contents but I'm not sure that it has a limit by default.

The tty command does show /dev/pts/x so it is using the system 5 style devices by default.

I was just told that the default for the value of "instances" in /etc/xinetd.d/telnet is 60 even if it is not specified in the file.

I am asking the customer to add the line and set it to some value greater than the max number of telnet users they expect and then restart xinetd. I'll report the results later.
0 Kudos
Reply
rick jones
Honored Contributor

‎10-10-2006 12:53 PM

‎10-10-2006 12:53 PM

Re: No new telnet sessions allowed ?

FWIW the xinetd.conf manpage does say the default is unlimited, but in addition to the xinetd.d/telnet file you may want to check in /etc/xinetd.conf itself since IIRC that can set things which will be "inherited" by the stuff in .d.
there is no rest for the wicked yet the virtuous have no pillows
0 Kudos
Reply
Al Licause
Trusted Contributor

‎10-10-2006 11:58 PM

‎10-10-2006 11:58 PM

Re: No new telnet sessions allowed ?

Thanks again for the information. This is definately one for the personal notes for future use.

0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.