CentOS5 Enabling the Telnet service detailedThe configuration steps are as follows:
First, install the Telnet package (typically two required)
1, Telnet (or telnet-client), this package provides Telnet client program;
2, Telnet-server, this package provides Telnet server-side program;before installing, check that the system has installed these packages as follows:[[email protected]/] #rpm –qa |grep telnetIf the package is not detected, it needs to be installed. CentOS5 the Telnet package is installed by default and the Telnet-server package is notinstallation.
Obtain the Telnet-server software package from the CENTOS5 installation CD and install it. [[email protected]/] #mount/dev/cdrom/mnt
[[email protected]/] #rpm-ivh/mnt/centos/telnet-server-0.17-39.el5.i386.rpm
Second, start the Telnet service
1. Open service
Method One: Using the NTSYSV command, in the window that appears, select Telnet, and then press OK. [[email protected]/] #ntsysv方法二: Edit/etc/xinetd.d/telnet[[email protected]/] #vi/etc/xinetd.d/telnet
Change "Disable = yes" to "Disable = no" 2, start service [[email protected]/] #service xinetd restart
third, firewall settings1. Edit the iptables configuration file[[email protected]/] #vi/etc/sysconfig/iptables
Join:
-A rh-firewall-1-input-m state--state new-m tcp-p TCP--dport 23-j ACCEPT 2, restart iptables service [[email protected]/] #service iptables restart
Iv. Testing the Telnet service[[email protected]/] #telnet IP (or hostname)if configured correctly, you are prompted to enter the user name and password for the remote machine
Login:
Password:
Note: Only normal users are allowed to use Telnet by default.
v. Turn on the root user using Telnet
Because Telnet is not very secure, root is not allowed to telnet into the Linux host by default. To allow the root user to Telnet, use the followingMethod:[[email protected]/] #vi/etc/pam.d/remote
Comment out the "auth required pam_securetty.so".This allows root to go directly to the Linux host. However, this is not recommended. You can use normal user telnet, and then switch toroot user.
vi. Changing the telnet default port[[email protected]/] #vi/etc/servicesLocate the following two lines:Telnet 23/tcp
Telnet 23/UDPModify 23 to an unused port number (for example: 2323). Restart the Telnet service so that the Telnet default port number is modified.
vii. restricting telnet services
Telnet transmits passwords and data in plaintext, and if you are not satisfied with its default settings, you can limit its scope of service. Suppose my Lordthe IP of the machine is 192.168.120.100 and can be set in the following way. [[email protected]/] #vi/etc/xinetd.d/telnet
Service Telnet
{
Disable = no #激活 telnet service
bind = 192.168.120.100 #我主机的IP地址 only_from = 192.168.120.0/24 #只允许192.168.120.0 the user of this segment enters Only_from =. bob.com #允许bob. com domain user access
No_access = 192.168.120. {101,105} #这两个ip不可以进入
Access_times = 8:00-9:00 20:00-21:00 # Every day only these two time periods open service
......
}
viii. Utilization of Krb5-telnet
in fact, CentOS5 has installed krb5-telnet, then you can enable the service to achieve the purpose of turning on Telnet. No more installationTelnet-server this package. You can use Kerberos 5来 for authentication.
1, open krb5-telnet service. [[email protected]/] #vi/etc/xinetd.d/krb5-telnet
Change "Disable = yes" to "Disable = no" 2, start service [[email protected]/] #service xinetd restart
ix. using Kerberos 5来 authentication and encryption Telnet session
The ekrb5-telnet can be used to provide an encrypted Telnet service. If the Ekrb5-telnet service is enabled, but there is no Kerberos service, the unencrypted connection refused is always reported when Telnet is logged in. Goodbye. (Unencryptedconnection, denial of service) "This error.
1, open ekrb5-telnet service. [[email protected]/] #vi/etc/xinetd.d/ekrb5-telnet
Change "Disable = yes" to "Disable = no" 2, start the service [[email protected]/] #service xinetd Restart Note: Before using Kerberos 5来 authentication and encrypting Telnet Session, you need to first build a Kerberos server.
CentOS5 Enabling Telnet service detailed (reprint)
