By default, only telnet (client) is installed on this system)
- root@www.linuxidc.com:~# dpkg -s telnet
- Package: telnet
- Status: install ok installed
- Priority: standard
- Section: net
- Installed-Size: 188
- Maintainer: Ubuntu Developers
- Architecture: i386
- Source: netkit-telnet
- Version: 0.17-36build1
- Replaces: netstd
- Provides: telnet-client
Therefore, only telnet commands can be used to log on to the host where the telnet service is enabled. Others cannot use telnet to log on to the host.
1. Now we want to talk about how to allow others to use telnet to log on to the local machine. We need to install two software:
- root@www.linuxidc.com:~# apt-get install telnetd
- root@www.linuxidc.com:~# apt-get install xinetd
Telnetd is telnet-server, but it cannot be started by itself. You need to manage the daemon software xinetd to take over.
- root@www.linuxidc.com:~# dpkg -s telnetd
- Package: telnetd
- Status: install ok installed
- Priority: optional
- Section: net
- Installed-Size: 152
- Maintainer: Ubuntu Developers
- Architecture: i386
- Source: netkit-telnet
- Version: 0.17-36build1
- Replaces: netstd
- Provides: telnet-server
2. Start telnetd through xinetd by creating a new telnet file and entering the following content (no security settings)
- Root@www.linuxidc.com :~ # Vi/etc/xinetd. d/telnet
- Service telnet
- {
- Disable=No
- Socket_type=Stream
- Flags=REUSE
- Wait=No
- User=Root
- Server=/Usr/sbin/In. telnetd# Note that in. telnetd is the file generated by telnetd installation.
- Log_on_failure + = USERID
- }
If you want to modify the default port number for telnet (23), you need to modify the corresponding telnet port in the/etc/services file.
3. Restart the xinetd program.
- root@www.linuxidc.com:/etc/xinetd.d# service xinetd restart
- * Stopping internet superserver xinetd [ OK ]
- * Starting internet superserver xinetd [ OK ]
In this case, you can use the netstat command to check the listening status of port 23.
- root@www.linuxidc.com:~# netstat -tulnp | grep 23
- tcp 0 0 0.0.0.0:23 0.0.0.0:* LISTEN 4176/xinetd
4. You can confirm that the telnet server has been set up. In this case, you only need to change the computer and then use the telnet ip address to log on. The default setting is that the root user cannot log on via telnet (telnet is transmitted in plain text on the network, and the password can be detected by sniffer). If the security is ensured, you can use the following method to allow the root user to log on:
(1) modify the/etc/securetty file and add the terminal
- root@www.linuxidc.com:~# tail -5 /etc/securetty
- pts/0
- pts/1
- pts/2
- pts/3
- pts/4
Or you can directly change the name of the securetty file to use root login.
(2) modify the/etc/pam. d/login file and call the securetty verification Annotation
- 12 # Disallows root logins except on tty's listed in /etc/securetty
- 13 # (Replaces the `CONSOLE' setting from login.defs)
- 14 # Note that it is included as a "required" module. root will be
- 15 # prompted for a password on insecure ttys.
- 16 # If you change it to a "requisite" module, make sure this does not leak
- 17 # user name information.
- 18 #auth required pam_securetty.so
In this way, the telnet configuration is basically complete, but we recommend that you use ssh (however, for windows systems, you need to append dedicated software to ssh, which is really amazing!
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
