Telnet Server Configuration

Telnet Server

Telnet : Telnet is a program that allows users to log into your server and get a command prompt just as if they were logged into the VGA console,One of the disadvantages of Telnet is that the data is sent as clear text. This means that it is possible for someone to use a network analyzer to peek into your data packets and see your username and password.

[root@xnetbd ~]# yum install telnet
Loaded plugins: rhnplugin, security
Repository rhel-debuginfo is listed more than once in the configuration
This system is not registered with RHN.
RHN support will be disabled.
rhel-debuginfo                                           |  951 B     00:00
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package telnet.i386 1:0.17-39.el5 set to be updated
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
 Package        Arch         Version               Repository              Size
================================================================================
Installing:
 telnet         i386         1:0.17-39.el5         rhel-debuginfo          57 k

Transaction Summary
================================================================================
Install      1 Package(s)
Update       0 Package(s)
Remove       0 Package(s)

Total download size: 57 k
Is this ok [y/N]: y
Downloading Packages:
telnet-0.17-39.el5.i386.rpm                              |  57 kB     00:00
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing     : telnet                                                   1/1

Installed:
  telnet.i386 1:0.17-39.el5

Complete!
To set up a Telnet server use the chkconfig command to activate Telnet.
[root@bigboy tmp]# chkconfig telnet on

You can also use the chkconfig --list command to verify that telnet will be started on the next reboot. 
[root@bigboy tmp]# chkconfig --list | grep telnet
       telnet: on
Use the chkconfig command to deactivate telnet, even after the next reboot.
 [root@bigboy tmp]# chkconfig telnet off

You can test whether the Telnet process is running with the following command which is used to check the TCP/UDP ports on which your server is listening, if it isn't running then there will be no response. 
[root@bigboy tmp]# netstat -a | grep telnet
tcp        0        0        *:telnet        *:*        LISTEN 

[root@xnetbd ~]# cd /etc/xinetd.d/
[root@xnetbd xinetd.d]# ls
chargen-dgram   discard-stream  gssftp       rsync          time-stream
chargen-stream  echo-dgram      klogin       tcpmux-server
daytime-dgram   echo-stream     krb5-telnet  telnet
daytime-stream  eklogin         kshell       tftp
discard-dgram   ekrb5-telnet    rmcp         time-dgram

To run or enable the telnet service following file need to be edited.
[root@xnetbd xinetd.d]# vim /etc/xinetd.d/telnet
service telnet
{
        flags           = REUSE
        socket_type     = stream
        wait            = no
        user            = root
        server          = /usr/sbin/in.telnetd
        log_on_failure  += USERID
        disable         = no
}
Take note disable should be set as no.

 [root@xnetbd xinetd.d]# /etc/init.d/xinetd restart
Stopping xinetd:                                           [  OK  ]
Starting xinetd:                                             [  OK  ]

You can start/stop/restart xinetd after booting by using the following commands:
[root@bigboy tmp]# service xinetd start
[root@bigboy tmp]# service xinetd stop
[root@bigboy tmp]# service xinetd restart
 
To get xinetd configured to start at boot you can use the chkconfig command.
 [root@bigboy tmp]# chkconfig xinetd on

Configure Telnet for root logins : Simply edit the file /etc/securetty and add the following to the end of the file:  Now before getting into the details of how to configure Red Hat Linux for root logins, keep in mind that this is VERY BAD security. Make sure that you NEVER configure your production servers for this type of login

[root@xnetbd xinetd.d]# vim /etc/securetty

console

pts/0
pts/1
pts/2
pts/3
pts/4
pts/5
pts/6
pts/7
pts/8
pts/9
 
 

Let Telnet Allow Connections From Trusted Addresses :You can restrict telnet logins access to individual remote servers by using the only_from keyword in the telnet configuration file. Here's how.

Add a list of trusted servers to the /etc/xinetd.d/telnet file separated by spaces:
 service telnet
{
       flags          = REUSE
       socket_type    = stream
       wait           = no
       user           = root
       server         = /usr/sbin/in.telnetd
       log_on_failure += USERID
       disable        = no
       only_from      = 192.168.50.19 192.168.1.200
}