在centos5開啟telnet服務並驗證

最後更新：2016-10-26 來源：互聯網

上載者：User

創建阿里雲帳戶，並獲得超過 40 款產品的免費試用版；而企業帳戶則可以享有總值 $1200 的免費試用版。立即註冊！

標籤：art sys 使用者登入 manual oca use commit host start

1.安裝telnet服務

[[email protected] ~]# yum install telnet

2.檢查是否成功安裝

[[email protected] ~]# rpm -qa | grep telnettelnet-0.17-38.el5telnet-server-0.17-38.el5                                      #####有顯示就是正確的

3.修改檔案開啟服務

[[email protected] home]# vim /etc/xinetd.d/telnet # default: on# description: The telnet server serves telnet sessions; it uses #       unencrypted username/password pairs for authentication.service telnet{        flags           = REUSE        socket_type     = stream        wait            = no        user            = root        server          = /usr/sbin/in.telnetd        log_on_failure  += USERID        disable         = no                              #####是指禁止遠方telnet，改為no就是啟動}

[[email protected] xinetd.d]# service  xinetd  restart
停止 xinetd：                                              [確定]
啟動 xinetd：                                              [確定]

4.停止iptables、seliunx（可以在iptables中開啟telnet的23連接埠，後面有介紹）

5.測試能否能用root賬戶telnet（若沒配置一般是不行的）

6.修改配置使root登陸

當我們失敗後，linux是會記錄下失敗記錄作為日誌在/var/log/secure

Oct 26 08:17:57 localhost login: pam_securetty(remote:auth): access denied: tty ‘pts/1‘ is not secure !Oct 26 08:18:01 localhost login: FAILED LOGIN 1 FROM 192.168.165.1 FOR root, Authentication failure

可以看到沒有pts/1所以被拒絕了

我們可以在修改添加一個虛擬線程

[[email protected] xinetd.d]# vi /etc/securetty consolevc/1vc/2vc/3vc/4vc/5vc/6vc/7vc/8vc/9vc/10vc/11tty1tty2tty3tty4tty5tty6tty7tty8tty9tty10tty11pts/1

再次測試

Xshell:\> telnet 192.168.165.136Connecting to 192.168.165.136:23...Connection established.To escape to local shell, press ‘Ctrl+Alt+]‘.CentOS release 5 (Final)Kernel 2.6.18-8.el5 on an i686login: rootPassword: Last login: Wed Oct 26 08:13:15 from 192.168.165.1[[email protected] ~]#

ps：不建議直接用root登陸，因為telnet是明文傳輸。建議用一個普通使用者登入然後su到root使用者權限

7.在有防火牆的情況下配置telnet

修改防火牆配置，添加一條開發telnet的23號連接埠

[[email protected] ~]# vi /etc/sysconfig/iptables# Firewall configuration written by system-config-securitylevel# Manual customization of this file is not recommended.*filter:INPUT ACCEPT [0:0]:FORWARD ACCEPT [0:0]:OUTPUT ACCEPT [0:0]:RH-Firewall-1-INPUT - [0:0]-A INPUT -j RH-Firewall-1-INPUT-A FORWARD -j RH-Firewall-1-INPUT-A RH-Firewall-1-INPUT -i lo -j ACCEPT-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT-A RH-Firewall-1-INPUT -p 50 -j ACCEPT-A RH-Firewall-1-INPUT -p 51 -j ACCEPT-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 23 -j ACCEPT                   ######開放23號連接埠
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT  -A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibitedCOMMIT~                                                                                                                                                                                                                                ~

在centos5開啟telnet服務並驗證

本文章原先以中文撰寫並發佈於 aliyun.com，亦設英文版本，僅作資訊用途。本網站不對文章的準確性，完整性或可靠性或其任何翻譯作出任何明示或暗示的陳述或保證。如對該文章有任何疑慮或投訴，請傳送電郵至 info-contact@alibabacloud.com 並提供相關疑慮或投訴的詳細說明。職員會於 5 個工作天內與您聯絡，一經驗證之後，即會刪除該侵權內容。

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More

在centos5開啟telnet服務並驗證

聯繫我們

A Free Trial That Lets You Build Big!

Sales Support

After-Sales Support