Service management: telnet

1. Telnet server and client

What is Telnet? The Telnet protocol is a member of the TCP/IP protocol suite and is the standard protocol and primary method for Internet remote login services. It gives users the ability to do work on a remote host from their local computer. The end user runs the telnet program on their own computer and uses it to connect to the server. Commands typed into the telnet program run on the server just as if they had been entered directly on the server's console, so the server can be controlled locally. To start a telnet session, the user must enter a username and password to log in to the server. Telnet is a commonly used method of remotely controlling web servers.

```plain
# Server01: install the telnet server
[root@serv01 xinetd.d]# yum install telnet-server* -y
# Enable the service
[root@serv01 xinetd.d]# chkconfig telnet on
# Restart the xinetd service
[root@serv01 xinetd.d]# /etc/init.d/xinetd restart
Stopping xinetd: [ OK ]
Starting xinetd: [ OK ]
# Check the network status again
[root@serv01 xinetd.d]# netstat -langput |grep "telnet"
tcp 0 0 192.168.1.11:23 192.168.1.12:57169 ESTABLISHED 2488/in.telnetd: 19
[root@serv01 xinetd.d]# netstat -langput |grep "xin"
tcp 0 0 :::22 :::* LISTEN 2486/xinetd
tcp 0 0 :::23 :::* LISTEN 2486/xinetd
# Server02: install the telnet client
[root@serv02 .ssh]# yum install telnet -y
# The client logs in remotely over telnet; note that you must use a regular user
[root@serv02 .ssh]# telnet 192.168.1.11
Trying 192.168.1.11...
Connected to 192.168.1.11.
Escape character is '^]'.
Red Hat Enterprise Linux Server release 6.1 (Santiago)
Kernel 2.6.32-131.0.15.el6.x86_64 on an x86_64
login: hongyi
Password:
Last login: Tue Aug 6 19:44:31 from 192.168.1.1
[hongyi@serv01 ~]$
```

2. Characteristics of telnet

```plain
# Telnet transmits everything in plaintext and does not allow root to log in
# We usually log in as a regular user and then switch to root with su -
[root@serv02 .ssh]# telnet 192.168.1.11
Trying 192.168.1.11...
Connected to 192.168.1.11.
Escape character is '^]'.
Red Hat Enterprise Linux Server release 6.1 (Santiago)
Kernel 2.6.32-131.0.15.el6.x86_64 on an x86_64
login: root
Password:
Login incorrect

[root@serv01 xinetd.d]# pwd
/etc/xinetd.d
[root@serv01 xinetd.d]# cat telnet
# default: on
# description: The telnet server serves telnet sessions; it uses \
#       unencrypted username/password pairs for authentication.
service telnet
{
        disable         = no
        flags           = REUSE
        socket_type     = stream
        wait            = no
        user            = root
        server          = /usr/sbin/in.telnetd
        log_on_failure  += USERID
}
# service ssh: the service name must be unique; do not duplicate it
```

3. Allowing telnet only from a given IP or network segment (only_from)

```plain
# Edit the file so that only 192.168.1.12 is allowed
[root@serv01 xinetd.d]# vim telnet
[root@serv01 xinetd.d]# cat telnet
# default: on
# description: The telnet server serves telnet sessions; it uses \
#       unencrypted username/password pairs for authentication.
service telnet
{
        disable         = no
        flags           = REUSE
        socket_type     = stream
        wait            = no
        user            = root
        server          = /usr/sbin/in.telnetd
        log_on_failure  += USERID
        only_from       = 192.168.1.12
}
# Restart the service
[root@serv01 xinetd.d]# /etc/init.d/xinetd restart
Stopping xinetd: [ OK ]
Starting xinetd: [ OK ]
# serv02 can connect normally
[root@serv02 .ssh]# telnet 192.168.1.11
Trying 192.168.1.11...
Connected to 192.168.1.11.
Escape character is '^]'.
Red Hat Enterprise Linux Server release 6.1 (Santiago)
Kernel 2.6.32-131.0.15.el6.x86_64 on an x86_64
login: hongyi
Password:
Last login: Tue Aug 6 23:20:57 from 192.168.1.12
[hongyi@serv01 ~]$ exit
logout
Connection closed by foreign host.
[root@serv02 .ssh]#
# serv03 cannot connect
[root@serv03 .ssh]# yum install telnet -y
[root@serv03 .ssh]# telnet 192.168.1.11
Trying 192.168.1.11...
Connected to 192.168.1.11.
Escape character is '^]'.
Connection closed by foreign host.

192.168.1.0/24
172.16.1.0/24
192.168.1.0/255.255.255.0 X
access_times = 8:30-17:00
```

4. Denying telnet from a given IP or network segment (no_access)

```plain
# no_access
[root@serv01 xinetd.d]# vim telnet
[root@serv01 xinetd.d]# cat telnet
# default: on
# description: The telnet server serves telnet sessions; it uses \
#       unencrypted username/password pairs for authentication.
service telnet
{
        disable         = no
        flags           = REUSE
        socket_type     = stream
        wait            = no
        user            = root
        server          = /usr/sbin/in.telnetd
        log_on_failure  += USERID
        no_access       = 192.168.1.12
}
[root@serv01 xinetd.d]# /etc/init.d/xinetd restart
Stopping xinetd: [ OK ]
Starting xinetd: [ OK ]
[root@serv02 .ssh]# telnet 192.168.1.11
Trying 192.168.1.11...
Connected to 192.168.1.11.
Escape character is '^]'.
Connection closed by foreign host.
[root@serv03 .ssh]# telnet 192.168.1.11
Trying 192.168.1.11...
Connected to 192.168.1.11.
Escape character is '^]'.
Red Hat Enterprise Linux Server release 6.1 (Santiago)
Kernel 2.6.32-131.0.15.el6.x86_64 on an x86_64
login: hongyi
Password:
Last login: Tue Aug 6 23:41:22 from 192.168.1.12
[hongyi@serv01 ~]$

# Network segment
[root@serv01 xinetd.d]# vim telnet
[root@serv01 xinetd.d]# cat telnet
# default: on
# description: The telnet server serves telnet sessions; it uses \
#       unencrypted username/password pairs for authentication.
service telnet
{
        disable         = no
        flags           = REUSE
        socket_type     = stream
        wait            = no
        user            = root
        server          = /usr/sbin/in.telnetd
        log_on_failure  += USERID
        only_from       = 192.168.1.0/24
}
[root@serv01 xinetd.d]# /etc/init.d/xinetd restart
Stopping xinetd: [ OK ]
Starting xinetd: [ OK ]
[root@serv02 .ssh]# telnet 192.168.1.11
Trying 192.168.1.11...
Connected to 192.168.1.11.
Escape character is '^]'.
Red Hat Enterprise Linux Server release 6.1 (Santiago)
Kernel 2.6.32-131.0.15.el6.x86_64 on an x86_64
login: hongyi
Password:
Last login: Tue Aug 6 23:46:23 from 192.168.1.13
[hongyi@serv01 ~]$
[root@serv03 .ssh]# telnet 192.168.1.11
Trying 192.168.1.11...
Connected to 192.168.1.11.
Escape character is '^]'.
Red Hat Enterprise Linux Server release 6.1 (Santiago)
Kernel 2.6.32-131.0.15.el6.x86_64 on an x86_64
login: hongyi
Password:
Last login: Tue Aug 6 23:48:15 from 192.168.1.12
[hongyi@serv01 ~]$
```

5. Allowing or denying telnet during a time window (access_times, deny_time)

```plain
# Telnet access can be allowed or denied during a given time window
# by means of the access_times and deny_time parameters. For example:
# access_times 8:00-17:30
# deny_time 15:00-17:30
```
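As an added example (not part of the original post), the following Python sketch models how only_from, no_access and access_times from sections 3 to 5 combine into one access decision, which is useful for checking a stanza before restarting xinetd. It assumes single-address and CIDR entries only, applies the xinetd.conf rule that the more specific of only_from and no_access wins, and denies on equal specificity (an assumption); all function names are hypothetical.

```python
import ipaddress
import re
from datetime import time

# Constructed stanza combining the three controls shown on this page.
SAMPLE = """
service telnet
{
    disable      = no
    only_from    = 192.168.1.0/24
    no_access    = 192.168.1.12
    access_times = 8:30-17:00
}
"""

def parse_stanza(text):
    """Collect 'key = value' and 'key += value' lines; values accumulate as lists."""
    attrs = {}
    for line in text.splitlines():
        m = re.match(r"\s*(\w+)\s*\+?=\s*(.*\S)", line)
        if m:
            attrs.setdefault(m.group(1), []).extend(m.group(2).split())
    return attrs

def best_match(client, entries):
    """Longest prefix length among entries that contain client, or -1 if none do."""
    nets = (ipaddress.ip_network(e, strict=False) for e in entries)
    return max((n.prefixlen for n in nets if client in n), default=-1)

def in_window(now, windows):
    """True if now falls inside any 'H:MM-H:MM' interval."""
    def span(w):
        return [time(*map(int, p.split(":"))) for p in w.split("-")]
    return any(span(w)[0] <= now <= span(w)[1] for w in windows)

def allowed(attrs, client_ip, now):
    """Model of the access decision; ties between lists are denied (assumption)."""
    if attrs.get("disable", ["no"])[0] == "yes":
        return False
    client = ipaddress.ip_address(client_ip)
    deny_len = best_match(client, attrs.get("no_access", []))
    if "only_from" in attrs:
        allow_len = best_match(client, attrs["only_from"])
        if allow_len < 0 or deny_len >= allow_len:
            return False
    elif deny_len >= 0:
        return False
    times = attrs.get("access_times")
    return in_window(now, times) if times else True
```

With the sample stanza, 192.168.1.13 is admitted during working hours, while 192.168.1.12 is refused because its /32 no_access entry is more specific than the /24 only_from entry.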