Detailed description of telnet commands for linux commands (linux remote logon)

Source: Internet
Author: User
Tags nameserver telnet program to domain
Telnet commands are usually used for remote logon. The telnet program is a remote client logon program based on the TELNET protocol. The Telnet protocol is a member of the TCP/IP protocol family. it is the standard protocol and main method of the Internet remote login service. The following describes how to use and example labels: Telnet

Telnet commands are usually used for remote logon. The telnet program is a remote client logon program based on the TELNET protocol. The Telnet protocol is a member of the TCP/IP protocol family and is the standard protocol and main method of the Internet remote login service. It provides users with the ability to complete remote host work on local computers. Use the telnet program on the terminal user's computer to connect to the server. End users can enter commands in the telnet program. these commands will run on the server, just as they are directly entered on the server console. You can control the server locally. To start a telnet session, you must enter the user name and password to log on to the server. Telnet is a common method to remotely control Web servers.
However, because telnet uses plain text to send packets, the security is poor. many Linux servers do not enable the telnet service, but use a safer ssh mode. However, many other systems may use telnet to provide remote logon. Therefore, it is necessary to find out how to use the telnet client.
Telnet commands can also be used for other purposes, such as determining the status of remote services, such as determining whether a port of the remote server can be accessed.

1. command format:
Telnet [parameter] [host]

2. command functions:
Execute the telnet command to start the terminal job and log on to the remote host.

3. command parameters:
-8: 8 characters are allowed, including input and output.
-A tries to automatically log on to the remote system.
-B <主机别名> Use an alias to specify the name of the remote host.
-C does not read the. telnetrc file in the user's exclusive directory.
-D start the troubleshooting mode.
-E <脱离字符> Set escape characters.
-E: filter out the escape characters.
-F: the effect of this parameter is the same as that of the specified "-F" parameter.
-F when Kerberos V5 is used for authentication, you can add this parameter to upload the authentication data of the local host to the remote host.
-K <域名> When Kerberos authentication is used, add this parameter to allow the remote host to use the specified domain name instead of the domain name of the host.
-K does not automatically log on to the remote host.
-L <用户名称> Name of the user to log on to the remote host.
-L 8 characters can be output.
-N <记录文件> Specify the file record information.
-R uses a user interface similar to the rlogin command.
-S <服务类型> Set the IP address TOS required for the telnet connection.
-X: if the host supports data encryption, use it.
-X <认证形态> Disable the specified authentication form.

4. example:
Instance 1: remote server access failure
Command: telnet 192.168.120.206
Output:

Copy codeThe code is as follows:
[Root @ localhost ~] # Telnet 192.168.120.209
Trying 192.168.120.209...
Telnet: connect to address 192.168.120.209: No route to host
Telnet: Unable to connect to remote host: No route to host
[Root @ localhost ~] #

Note:
To solve this problem:
(1) Are you sure the IP address is correct?
(2) Are you sure the host corresponding to the IP address is on?
(3) if the host has been started, are you sure the route settings are correct? (Use the route command to view details)
(4) If the host has been started, are you sure you have enabled the telnet service on the host? (Run the netstat command to check whether the TCP port 23 has the LISTEN status line)
(5) If the telnet service has been enabled on the host, are you sure the firewall has opened port 23? (Use iptables-save to view details)

Instance 2: The domain name cannot be resolved
Command: telnet www.baidu.com
Output:

Copy codeThe code is as follows:
[Root @ localhost ~] # Telnet www.baidu.com
Www.baidu.com/telnet: Temporary failure in name resolution
[Root @ localhost ~] #

Note:
To solve this problem:
(1) confirm that the domain name is correct
(2) Check whether the settings related to domain name resolution on the local machine are correct (whether nameserver settings in/etc/resolv. conf are correct, if not, use nameserver 8.8.8.8)
(3) Check whether the firewall has opened the access to the UDP53 port (DNS uses UDP protocol, Port 53, and iptables-save to view)

Instance 3:
Command: telnet 192.168.120.206
Output:

Copy codeThe code is as follows:
[Root @ localhost ~] # Telnet 192.168.120.206
Trying 192.168.120.206...
Telnet: connect to address 192.168.120.206: Connection refused
Telnet: Unable to connect to remote host: Connection refused
[Root @ localhost ~] #

Note:
Handle this situation:
(1) Are you sure the IP address or host name is correct?
(2) Check whether the port is correct and whether the default port is Port 23.

Instance 4: Start the telnet service
Command: service xinetd restart
Output:

Copy codeThe code is as follows:
[Root @ localhost ~] # Cd/etc/xinetd. d/
[Root @ localhost xinetd. d] # ll
Total 124
-Rw-r -- 1 root 1157 2011-05-31 chargen-dgram
-Rw-r -- 1 root 1159 2011-05-31 chargen-stream
-Rw-r -- 1 root 523 2009-09-04 cvs
-Rw-r -- 1 root 1157 2011-05-31 daytime-dgram
-Rw-r -- 1 root 1159 2011-05-31 daytime-stream
-Rw-r -- 1 root 1157 2011-05-31 discard-dgram
-Rw-r -- 1 root 1159 2011-05-31 discard-stream
-Rw-r -- 1 root 1148 2011-05-31 echo-dgram
-Rw-r -- 1 root 1150 2011-05-31 echo-stream
-Rw-r -- 1 root 323 eklogin
-Rw-r -- 1 root 347 ekrb5-telnet
-Rw-r -- 1 root 326 gssftp
-Rw-r -- 1 root 310 klogin
-Rw-r -- 1 root 323 krb5-telnet
-Rw-r -- 1 root 308 2004-09-09 kshell
-Rw-r -- 1 root 317 2004-09-09 rsync
-Rw-r -- 1 root 1212 2011-05-31 tcpmux-server
-Rw-r -- 1 root 1149 2011-05-31 time-dgram
-Rw-r -- 1 root 1150 2011-05-31 time-stream
[Root @ localhost xinetd. d] # cat krb5-telnet
# Default: off
# Description: The authenticated telnet server accepts normal telnet sessions ,\
# But can also use Kerberos 5 authentication.
Service telnet
{
Flags = REUSE
Socket_type = stream
Wait = no
User = root
Server =/usr/kerberos/sbin/telnetd
Log_on_failure + = USERID
Disable = yes
}
[Root @ localhost xinetd. d] #

Note:
Configuration parameters:

Copy codeThe code is as follows:
Service telnet
{
Disable = no # Enable
Flags = REUSE # socket reusable
Socket_type = stream # The Connection mode is TCP
Wait = no # start a process for each request
User = root # The user who starts the service is root.
Server =/usr/sbin/in. telnetd # process to be activated
Log_on_failure + = USERID # log on username upon logon failure
}

To configure the list of clients that can be logged on, add
Only_from = 192.168.0.2 # only 192.168.0.2 logon allowed

If you want to configure a list of prohibited clients, add
No_access = 192.168.0. {2, 3, 4} # Disable logon of 192.168.0.2, 192.168.0.3, and 192.168.0.4

If you want to set an open time period, add
Access_times =-PM-# only services are available for these two periods of time every day (our working hours: P)

If you have two IP addresses, one is a private IP address such as 192.168.0.2 and the other is a public IP address such as 218.75.74.83, if you want the user to log on to the telnet service only from the private network, add
Bind = 192.168.0.2

For the specific meanings and syntax of each configuration item, refer to the xined configuration file attribute description (man xinetd. conf)

Configure the port and modify the services File:

Copy codeThe code is as follows:
# Vi/etc/services
Find the following two sentences:
Telnet 23/tcp
Telnet 23/udp

If there is a # character in front of it, remove it. Telnet's default port is 23, which is also the main object for hacker port scanning. Therefore, it is best to modify this port. the modification method is very simple, that is, to change the number 23, change to a larger number, such as 61123. Note that the port numbers below 1024 are reserved for the internet, so it is best not to use them. Be sure not to conflict with the ports of other services.

Start service: service xinetd restart
Instance 5: normal telnet
Command: telnet 192.168.120.204
Output:

Copy codeThe code is as follows:
[Root @ andy ~] # Telnet 192.168.120.204
Trying 192.168.120.204...
Connected to 192.168.120.204 (192.168.120.204 ).
Escape character is '^]'.
Localhost (Linux release 2.6.18-274.18.1.el5 #1 SMP Thu Feb 9 12:45:44 EST 2012) (1)
Login: root
Password:
Login incorrect

Note:
Generally, root users are not allowed to log on remotely. you can log on with a common account and then use su-to switch to the root user.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.