1839266 Members
3330 Online
110137 Solutions
New Discussion

Re: telnet

 
SOLVED
Go to solution
Tonatiuh
Super Advisor

telnet

I have just installed Red Hat AS 2.1 but I cannot open a telnet/ftp session to the server.

What should I config in the sever to allow users to open a telnet/ftp session?
12 REPLIES 12
Steven E. Protter
Exalted Contributor

Re: telnet

By default telnet is disabled in AS 2.1

Thats because telnet uses clear text authentication. Passwords in clear text for all sniffers to see. I've seen it used against me on the public internet and its not pretty.

What you should do is have your users use ssh instead of telnet. Secure authentication.

Here is how to enable telnet:

cd /etc/xinetd.d
vi telnet

It looks like this:

service telnet
{
flags = REUSE
socket_type = stream
wait = no
user = root
server = /usr/sbin/in.telnetd
log_on_failure += USERID
disable = yes
}

change disable = yes to :

disable = no

service xinetd restart

You are now done. Do study implementing ssh. The client is free and it is much more secure.

http://www.openssh.org

SEP


Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
ramkumar
Valued Contributor

Re: telnet

Hi

the above sentences are absolutely true . One more thing you should consider if pam.d
is istalled you can't login in to system as a administrator through the telnet session . for that go to /etc/pam.d / edit the file login in the fourth line you can find the following line change the word required to sufficient

session required /etc/security/pam_stack.so service =system-auth
Alexander Chuzhoy
Honored Contributor
Solution

Re: telnet

One simple command enables xinetd related service (including telnet):
chkconfig telnet on
Tonatiuh
Super Advisor

Re: telnet

Thanks, but what about the FTP ?

Ramkumar, the pam_stack.so does not exist in /etc/security/, it exists in /lib/security/. So that, the line to change (as it appears) into /etc/pam.d/login is:

session sufficient /lib/security/pam_stack.so service=system-auth

But I have modified and restarted the server and I cannot telnet with root user.

Any other idea to telnet with root user?
Alexander Chuzhoy
Honored Contributor

Re: telnet

to be able to telnet with root user -you must add the following to the /etc/securetty
pts/0
pts/1
pts/2



and so on....
I'd add at least until pts/20
Tonatiuh
Super Advisor

Re: telnet

It is working! Thanks a lot!

What about the FTP? how can I allow users to FTP to this server?
Stuart Browne
Honored Contributor

Re: telnet

enable the 'wu-ftpd' service, in a similar fasion.
One long-haired git at your service...
Tonatiuh
Super Advisor

Re: telnet

This is my first time with Linux and I am really confused. Could you be more clear (detailed) ?
dirk dierickx
Honored Contributor

Re: telnet

I just want to stress again that telnet is not a recommended connection method. And unless there is some obscure program really needing it, i would leave it _off_! and use SSH instead.
For transferring files, again if no program requires it, use SCP.

Don't worry, clients for these are freely available on windows.
Johannes Krackowizer_1
Valued Contributor

Re: telnet

hi tonautiuh,

there is a simple way to enable or disable services in redhat linux. type ntsysv. in this tool you can select or deselct the services registered in redhat linux so you don't have to change configfiles like steven told you. but for telnet you have to add to /etc/securetty the pts/0, pts/1 ... lines for any concurent session. so if you want to allow 20 users to connect to your server and everyone opens two telnet sessions you have to add pts/0 to pts/39 to your /etc/securetty. the better way is to use ssh if it's possible for you because ssh is much more secure (passwords aren't transmitted plain text, they are encrypted).

for ftp server you have to enalbe the vsftp in ntsysv and have a look at the following thread:
http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=698075
"First off, I'd suggest printing out a copy of the GNU coding standards, and NOT read it. Burn them, it's a great symbolic gesture." (Linus Torvalds)
Rick Garland
Honored Contributor

Re: telnet

I want to join the chorus - avoid telnet/ftp if at all possible!

RH install does not install these tools by default. You must select them.

There is no difference to using telnet vs ssh - only the command syntax changes for the end user. Of course behind the scenes there is encryption. If the syntax is an issue the alias the commands.

For windows, PUTTY is a free tool that can be downloaded from the net and the tools are already in binary form - no building.

Karsten Breivik_1
Frequent Advisor

Re: telnet

Another tip.

Starting a new telnet session can sometimes take a long time, sometimes ~30 sec to get a login prompt.

This is often caused by the server wanting to do a reverse DNS lookup to find out who is connecting.

If you are running DNS, check named and resolv.conf to find out how IP adresses are resolved.

If you aren't running DNS, you can fix this just by listing all the machines in /etc/hosts. Note that you don't have to be accurate about the names: I often use the ip adress with "_" substituted for the "."'s, like "host_192_168_2_3" and so on. A simple script:

#!/bin/ksh
x=1
while [ $x -lt 255 ]
do
echo "192.168.0.$x host_$x"
x=$((x + 1 ))
done >> /etc/hosts
poi