HPE Community
Operating System - Linux
1828897 Members
2477 Online
109985 Solutions
New Discussion

telnet

 
SOLVED
Go to solution
Tonatiuh
Super Advisor

‎11-01-2004 01:46 PM

‎11-01-2004 01:46 PM

telnet

I have just installed Red Hat AS 2.1 but I cannot open a telnet/ftp session to the server.

What should I config in the sever to allow users to open a telnet/ftp session?
0 Kudos
Reply
12 REPLIES 12
Steven E. Protter
Exalted Contributor

‎11-01-2004 03:11 PM

‎11-01-2004 03:11 PM

Re: telnet

By default telnet is disabled in AS 2.1

Thats because telnet uses clear text authentication. Passwords in clear text for all sniffers to see. I've seen it used against me on the public internet and its not pretty.

What you should do is have your users use ssh instead of telnet. Secure authentication.

Here is how to enable telnet:

cd /etc/xinetd.d
vi telnet

It looks like this:

service telnet
{
flags = REUSE
socket_type = stream
wait = no
user = root
server = /usr/sbin/in.telnetd
log_on_failure += USERID
disable = yes
}

change disable = yes to :

disable = no

service xinetd restart

You are now done. Do study implementing ssh. The client is free and it is much more secure.

http://www.openssh.org

SEP


Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
ramkumar
Valued Contributor

‎11-01-2004 03:42 PM

‎11-01-2004 03:42 PM

Re: telnet

Hi

the above sentences are absolutely true . One more thing you should consider if pam.d
is istalled you can't login in to system as a administrator through the telnet session . for that go to /etc/pam.d / edit the file login in the fourth line you can find the following line change the word required to sufficient

session required /etc/security/pam_stack.so service =system-auth
0 Kudos
Reply
Alexander Chuzhoy
Honored Contributor

‎11-01-2004 05:48 PM

‎11-01-2004 05:48 PM

Solution

Re: telnet

One simple command enables xinetd related service (including telnet):
chkconfig telnet on
Reply
Tonatiuh
Super Advisor

‎11-02-2004 02:30 AM

‎11-02-2004 02:30 AM

Re: telnet

Thanks, but what about the FTP ?

Ramkumar, the pam_stack.so does not exist in /etc/security/, it exists in /lib/security/. So that, the line to change (as it appears) into /etc/pam.d/login is:

session sufficient /lib/security/pam_stack.so service=system-auth

But I have modified and restarted the server and I cannot telnet with root user.

Any other idea to telnet with root user?
0 Kudos
Reply
Alexander Chuzhoy
Honored Contributor

‎11-02-2004 02:43 AM

‎11-02-2004 02:43 AM

Re: telnet

to be able to telnet with root user -you must add the following to the /etc/securetty
pts/0
pts/1
pts/2



and so on....
I'd add at least until pts/20
Reply
Tonatiuh
Super Advisor

‎11-02-2004 02:49 AM

‎11-02-2004 02:49 AM

Re: telnet

It is working! Thanks a lot!

What about the FTP? how can I allow users to FTP to this server?
0 Kudos
Reply
Stuart Browne
Honored Contributor

‎11-02-2004 09:22 AM

‎11-02-2004 09:22 AM

Re: telnet

enable the 'wu-ftpd' service, in a similar fasion.
One long-haired git at your service...
0 Kudos
Reply
Tonatiuh
Super Advisor

‎11-02-2004 09:35 AM

‎11-02-2004 09:35 AM

Re: telnet

This is my first time with Linux and I am really confused. Could you be more clear (detailed) ?
0 Kudos
Reply
dirk dierickx
Honored Contributor

‎11-02-2004 06:05 PM

‎11-02-2004 06:05 PM

Re: telnet

I just want to stress again that telnet is not a recommended connection method. And unless there is some obscure program really needing it, i would leave it _off_! and use SSH instead.
For transferring files, again if no program requires it, use SCP.

Don't worry, clients for these are freely available on windows.
0 Kudos
Reply
Johannes Krackowizer_1
Valued Contributor

‎11-02-2004 07:48 PM

‎11-02-2004 07:48 PM

Re: telnet

hi tonautiuh,

there is a simple way to enable or disable services in redhat linux. type ntsysv. in this tool you can select or deselct the services registered in redhat linux so you don't have to change configfiles like steven told you. but for telnet you have to add to /etc/securetty the pts/0, pts/1 ... lines for any concurent session. so if you want to allow 20 users to connect to your server and everyone opens two telnet sessions you have to add pts/0 to pts/39 to your /etc/securetty. the better way is to use ssh if it's possible for you because ssh is much more secure (passwords aren't transmitted plain text, they are encrypted).

for ftp server you have to enalbe the vsftp in ntsysv and have a look at the following thread:
http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=698075
"First off, I'd suggest printing out a copy of the GNU coding standards, and NOT read it. Burn them, it's a great symbolic gesture." (Linus Torvalds)
Reply
Rick Garland
Honored Contributor

‎11-03-2004 06:29 AM

‎11-03-2004 06:29 AM

Re: telnet

I want to join the chorus - avoid telnet/ftp if at all possible!

RH install does not install these tools by default. You must select them.

There is no difference to using telnet vs ssh - only the command syntax changes for the end user. Of course behind the scenes there is encryption. If the syntax is an issue the alias the commands.

For windows, PUTTY is a free tool that can be downloaded from the net and the tools are already in binary form - no building.

0 Kudos
Reply
Karsten Breivik_1
Frequent Advisor

‎11-29-2004 12:32 AM

‎11-29-2004 12:32 AM

Re: telnet

Another tip.

Starting a new telnet session can sometimes take a long time, sometimes ~30 sec to get a login prompt.

This is often caused by the server wanting to do a reverse DNS lookup to find out who is connecting.

If you are running DNS, check named and resolv.conf to find out how IP adresses are resolved.

If you aren't running DNS, you can fix this just by listing all the machines in /etc/hosts. Note that you don't have to be accurate about the names: I often use the ip adress with "_" substituted for the "."'s, like "host_192_168_2_3" and so on. A simple script:

#!/bin/ksh
x=1
while [ $x -lt 255 ]
do
echo "192.168.0.$x host_$x"
x=$((x + 1 ))
done >> /etc/hosts
poi
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.