HPE Community
Operating System - Linux
1833275 Members
2878 Online
110051 Solutions
New Discussion

Not able to accept telnet - RH9

 
SOLVED
Go to solution
yc_2
Regular Advisor

‎10-20-2003 12:58 PM

‎10-20-2003 12:58 PM

Not able to accept telnet - RH9

Hi,

I have installed RH9 in pro-liant 1600 and the box is not accepting telnet coonection. Client that trying to connect got the following message:

Trying...
telnet: Unable to connect to remote host: Connection refused

I have also checked the following:
(1) ps -ef | grep xinetd
xinetd -stayalive ....

(2) Content of /etc/xinetd.d/telnet file:
service telnet
{
disbale = no
flags = REUSE
socket_type = stream
wait = no
user = root
server = /usr/sbin/in.telnetd
tag_no_failure +=USERID
}

Appreciate any advice,
YC
0 Kudos
Reply
11 REPLIES 11
Martin P.J. Zinser
Honored Contributor

‎10-20-2003 01:34 PM

‎10-20-2003 01:34 PM

Re: Not able to accept telnet - RH9

What does netstat -a say about the status of
telnet?
0 Kudos
Reply
yc_2
Regular Advisor

‎10-20-2003 01:42 PM

‎10-20-2003 01:42 PM

Re: Not able to accept telnet - RH9

Hi Martin,

netstat -a

Proto Recv-Q Send-Q Local Addr Foreign Addr
: : : : :
tcp 0 0 *:telnet *:*


State
:
LISTEN



YC
0 Kudos
Reply
Martin P.J. Zinser
Honored Contributor

‎10-20-2003 01:53 PM

‎10-20-2003 01:53 PM

Re: Not able to accept telnet - RH9

Hi,

that looks ok. Now, while you are logged in
at this box can you do a telnet 127.0.0.1 to the loopback device?

Greetings, Martin
0 Kudos
Reply
yc_2
Regular Advisor

‎10-20-2003 02:01 PM

‎10-20-2003 02:01 PM

Re: Not able to accept telnet - RH9

Hi Martin,

No problem with the following after login to the system:

(1) telnet 127.0.0.1
(2) ping 127.0.0.1


YC
0 Kudos
Reply
Stuart Browne
Honored Contributor

‎10-20-2003 03:08 PM

‎10-20-2003 03:08 PM

Re: Not able to accept telnet - RH9

If it is listening (as you stated), and 'telnet localhost' works, then it has to be firewall or tcp wrappers.

What are the contents of /etc/hosts.allow and /etc/hosts.deny ?

What does 'iptables -nL' report?
One long-haired git at your service...
0 Kudos
Reply
yc_2
Regular Advisor

‎10-20-2003 03:24 PM

‎10-20-2003 03:24 PM

Re: Not able to accept telnet - RH9

Hi Stuart Browne,

No content inside /etc/hosts.allow and /etc/hosts.deny.

output of iptables -nL:

Chain INPUT (policy ACCEPT)
target prot opt source dest
RH-Lokkit-0-50-INPUT all -- 0.0.0.0/0 0.0.0.0/0

Chain FORWARD (policy ACCEPT)
target prot opt source dest
RH-Lokkit-0-50-INPUT all -- 0.0.0.0/0 0.0.0.0/0

Chain OUTPUT (policy ACCEPT)
target prot opt source dest

Chain RH-Lokkit-0-50-INPUT (2 ref)
ACCEPT udp -- 0.0.0.0/0 udp spt:53 dpts:1025:65535
:
:
REJECT tcp -- 0.0.0.0/0 0.0.0.0/0
:


YC
0 Kudos
Reply
Stuart Browne
Honored Contributor

‎10-20-2003 03:27 PM

‎10-20-2003 03:27 PM

Re: Not able to accept telnet - RH9

Need all of those lines from the 'iptables -nL' output.

The reject line at the bottom states that 'Unless otherwise accepted in one of the above rules, do not allow the connection'.
One long-haired git at your service...
0 Kudos
Reply
yc_2
Regular Advisor

‎10-20-2003 03:38 PM

‎10-20-2003 03:38 PM

Re: Not able to accept telnet - RH9

Hi Stuart Browne,

Here you go:

Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Lokkit-0-50-INPUT all -- 0.0.0.0/0 0.0.0.0/0

Chain FORWARD (policy ACCEPT)
target prot opt source destination
RH-Lokkit-0-50-INPUT all -- 0.0.0.0/0 0.0.0.0/0

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain RH-Lokkit-0-50-INPUT (2 references)
target prot opt source destination
ACCEPT udp -- 0.0.0.0/0 udp spt:53 dpts:1025
:65535
ACCEPT udp -- 0.0.0.0/0 udp spt:53 dpts:1025
:65535
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpts:0:1023 flag
s:0x16/0x02 reject-with icmp-port-unreachable
REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:2049 flags:0
x16/0x02 reject-with icmp-port-unreachable
REJECT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpts:0:1023 reject-with icmp-port-unreachable
REJECT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:2049 reject-
with icmp-port-unreachable
REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpts:6000:6009 f
lags:0x16/0x02 reject-with icmp-port-unreachable
REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:7100 flags:0
x16/0x02 reject-with icmp-port-unreachable
0 Kudos
Reply
Stuart Browne
Honored Contributor

‎10-20-2003 04:53 PM

‎10-20-2003 04:53 PM

Solution

Re: Not able to accept telnet - RH9

Yeap, that most definatly isn't allowing anything but localhost to connect to the telnet service.

You may as well use the 'lokkit' command, and customize it to allow 'telnet' in.

If you want to do it manually however, I guess the following command will suffice:

iptables -I INPUT -j ACCEPT -p tcp --dport 23
One long-haired git at your service...
Reply
Dan Copeland
Regular Advisor

‎10-21-2003 07:53 AM

‎10-21-2003 07:53 AM

Re: Not able to accept telnet - RH9

enable the xinetd service again form the console or if you know the files to change.
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎10-21-2003 08:57 AM

‎10-21-2003 08:57 AM

Re: Not able to accept telnet - RH9

I agree with Stuart, its the firewall.


A quick test:

service iptables stop

# test telnet

service iptables start

# test telnet

Stuart's configuration change will work. I suggest assigning him 10 points.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.