How to use Telnet

Telnet commands are usually used to log on remotely. The Telnet program is a telnet protocol-based Telnet client program. The Telnet protocol is a member of the TCP/IP protocol family and is the standard protocol and main way of Internet remote Login service. It provides users with the ability to perform remote host work on the local computer. Use the Telnet program on the end user's computer to connect to the server. End users can enter commands in the Telnet program that run on the server as if they were entered directly on the server's console. The server can be controlled locally. To start a Telnet session, you must enter a user name and password to log on to the server.　　Telnet is a common way to remotely control a Web server. However, Telnet is not secure because it transmits messages in plaintext, and many Linux servers do not open the Telnet service, instead using a more secure SSH approach. However, there are still many other systems that may use Telnet to provide remote logins, so it is still necessary to figure out how to use the Telnet client. The Telnet command can also be used for other purposes, such as determining the status of a remote service, such as determining whether a port on a remote server can be accessed. 1. Command format: telnet[parameter [host]2. Command function: Perform the telnet command to open the terminal stage job and log in to the remote host. 3. Command parameters:-8 allows the use of 8-bit character data, including input and output. -a attempts to automatically log in to the remote system. -b< host aliases > Use aliases to specify the remote host name. -C does not read the. telnetrc file in the user-specific directory. -D start the debug mode. -e< out character > set out character. -e filters out the off character. -F The effect of this parameter is the same as specifying the "-F" parameter. -F with Kerberos V5 authentication, this parameter can be used to upload authentication data from the local host to the remote host. -k< domain name > When using Kerberos authentication, this parameter allows the remote host to take the specified realm name rather than the domain name of the host. -K does not automatically log in to the remote host. -l< User name > Specifies the name of the user to log in to the remote host. -L allows output of 8-bit character data. -n< log Files > specify information about file records. -R uses a user interface similar to the rlogin directive. -s< Service Type > set the IP TOS information required for Telnet connection. -X assumes that the host has the capability to support data encryption and uses it. -x< Authentication Pattern > Close the specified authentication pattern. 4. Use instance: Instance 1: Remote server unreachable command: Telnet 192.168.120.206 output: [[Email protected] ~]# telnet 192.168.120.209Trying 192.168.120.209...telnet:connect to address 192.168.120.209:no Route to Hosttelnet:unable to connect to remote Host:no route to host[[email protected] ~]# Description: Handle this scenario: (1) Verify that the IP address is That's right? (2) Verify that the host IP address is powered on? (3) If the host has been started, confirm that the routing settings are set correctly? (View using the route command) (4) If the host is already started, confirm that the Telnet service is turned on on the host? (Use the Netstat command to see if TCP port 23 has a listen status line) (5) If the host has already started the Telnet service, confirm that the firewall has released access to port 23? Example 2: Domain cannot parse command: Telnet www.baidu.com output: [[email protected] ~]# telnet Www.baidu.comwww.baidu.com/telnet:Temporary failure in name resolution[[email protected] ~]# Description: Handle This scenario: (1) Confirm that the domain name is correct (2) Confirm that the settings for the domain name resolution for this computer are correct (nameserver is set correctly in/etc/resolv.conf, if not, you can use nameserver 8.8.8.8) (3) Confirm that the firewall has released access to the UDP53 port (DNS using UDP protocol, port 53, using Iptables-save View) Instance 3: Command: output: [[email protected] ~]# telnet 192.168.120.206Trying 192.168.120.206...telnet:connect to address 192.168.120.206:connection refusedtelnet:unable to Connect to remote Host:connection refused[[email protected] ~] #说: (1) Confirm the correct IP address or hostname? (2) Confirm port is correct, default 23 port instance 4: Start telnet service command: Service xinetd Restart output: Copy code [[email protected] ~]# cd/etc/xinetd.d/[[ Email protected] xinetd.d]# ll total 124-rw-r--r--1 root root 1157 2011-05-31 chargen-dgram-rw-r--r--1 root root 1159 2 011-05-31 chargen-stream-rw-r--r--1 root root 523 2009-09-04 cvs-rw-r--r--1 root root 1157 2011-05-31 daytime-dgram-rw- r--r--1 root root 1159 2011-05-31 daytime-stream-rw-r--r--1 root root 1157 2011-05-31 discard-dgram-rw-r--r--1 root Roo T 1159 2011-05-31 discard-stream-rw-r--r--1 root root 1148 2011-05-31 echo-dgram-rw-r--r--1 root root 1150 2011-05-31 EC ho-stream-rw-r--r--1 root root 323 2004-09-09 eklogin-rw-r--r--1 root root 347 2005-09-06 ekrb5-telnet-rw-r--r--1 roo T root 326 2004-09-09 gssftp-rw-r--r--1 root root 310 2004-09-09 klogin-rw-r--r--1 root root 323 2004-09-09 Krb5-teln et-rw-r--r--1 root root 308 2004-09-09 kshell-rw-r--r--1 root root 317 2004-09-09 rsync-rw-r--r--1 root root 1212 201 1-05-31 tcpmux-server-rw-r--r--1 root root 1149 2011-05-31 time-dgram-rw-r--r--1 root root 1150 2011-05-31 Time-stream[[emai L protected] xinetd.d]# cat krb5-telnet # default:off# description:the kerberized telnet Server accepts normal Teln        ET sessions, # but can also use Kerberos 5 authentication.service telnet{flags = Reuse Socket_type = Stream wait = no user = root Server =/US r/kerberos/sbin/telnetd log_on_failure + = USERID disable = yes}[[email protected] xinetd.d]# complex Code Description: Configuration parameters, usually configured as follows: Service Telnet {disable = no #启用 flags = reuse #socket可重用 Socket_type = stream #连接方式为TCP wait = no #为 Each request starts a process user = root #启动服务的用户为root Server =/usr/sbin/in.telnetd #要激活的进程 log_on_failure + = USERID #登录失败时记录登录用户名} If you want to configure the List of registered clients, join Only_from = 192.168.0.2 #只允许192.168.0.2 Login If you want to configure a list of clients that are prohibited from logging in, add no_access = 192.168.0. {2,3,4} #禁止192.168.0.2, 192.168.0.3, 192.168.0.4 log in ASTo set the opening period, add access_times = 9:00-12:00 13:00-17:00 # Every day only these two hours of open service (Our office Hours: P) If you have two IP addresses, One is the IP address of the private network such as 192.168.0.2, a public network IP address such as 218.75.74.83, if you want users can only from the private network to login Telnet service, then add bind = 192.168.0.2 The specific meanings and syntax of each configuration item can refer to the Xined profile property description (man xinetd.conf) configuration port, modify the Services file: # Vi/etc/services Find the following two sentences telnet 23/tcp telnet 23/udp If there is a # character in front of it, remove it. The default port of Telnet is 23, this port is also the main object of the hacker port scan, so it is better to modify this port, the method is very simple, is to change the number 23, changed to a larger number, such as 61123. Note that the port number below 1024 is the port number reserved by the Internet, so it is best not to use it, and you should be careful not to conflict with the ports of other services. Start Services: Service xinetd Restart Instance 5: normal telnet command: Telnet 192.168.120.204 output: Copy code [[email protected] ~]# telnet 192.168.120.204Trying 192.168.120.204...Connected to 192.168.120.204 (192.168.120.204).    Escape character is ' ^] '. localhost (Linux release 2.6.18-274.18.1.el5 #1 SMP Thu Feb 9 12:45:44 EST) (1) login:rootPassword:Login incorrect copy Code Description: In general, do not allow root from remote login, you can first log in with a normal account, and then use Su-cut to the root user.

Use of Telnet