telnet采用基于telnet协议的数据传输方式,应用场景广泛,但有安全隐忧,目前基于ssh加密的传输方式更安全。
下面是centos上telnet配置:
[root@smith etc]# yum install telnet*
Loading "installonlyn" plugin
Loading "rhnplugin" plugin
This system is not registered with RHN.
RHN support will be disabled.
Setting up Install Process
Setting up repositories
disk 100% |=========================| 951 B 00:00
Reading repository metadata in from local files
Parsing package install arguments
Resolving Dependencies
--> Populating transaction set with selected packages. Please wait.
---> Downloading header for telnet-server to pack into transaction set.
telnet-server-0.17-38.el5 100% |=========================| 8.4 kB 00:00
---> Package telnet-server.i386 1:0.17-38.el5 set to be updated
--> Running transaction check
--> Processing Dependency: xinetd for package: telnet-server
--> Restarting Dependency Resolution with new changes.
--> Populating transaction set with selected packages. Please wait.
---> Downloading header for xinetd to pack into transaction set.
xinetd-2.3.14-10.el5.i386 100% |=========================| 7.7 kB 00:00
---> Package xinetd.i386 2:2.3.14-10.el5 set to be updated
--> Running transaction check
Dependencies Resolved
=============================================================================
Package Arch Version Repository Size
=============================================================================
Installing:
telnet-server i386 1:0.17-38.el5 disk 35 k
Installing for dependencies:
xinetd i386 2:2.3.14-10.el5 disk 124 k
Transaction Summary
=============================================================================
Install 2 Package(s)
Update 0 Package(s)
Remove 0 Package(s)
Total download size: 159 k
Is this ok [y/N]: y
Downloading Packages:
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing: xinetd ######################### [1/2]
Installing: telnet-server ######################### [2/2]
Installed: telnet-server.i386 1:0.17-38.el5
Dependency Installed: xinetd.i386 2:2.3.14-10.el5
Complete!
[root@smith etc]#
[root@smith etc]#
[root@smith etc]# vi /etc/xinetd.
xinetd.conf xinetd.d/
[root@smith etc]# vi /etc/xinetd.d/telnet
# default: on
# description: The telnet server serves telnet sessions; it uses \
# unencrypted username/password pairs for authentication.
service telnet
disable = yes
}
[root@smith etc]# vi /etc/pam.d/login
----------------注释掉auth [user_unknown=ignore success=ok ignore=ignore default=bad] pam_securetty.so
#%PAM-1.0
auth [user_unknown=ignore success=ok ignore=ignore default=bad] pam_securetty.so
auth include system-auth
account required pam_nologin.so
account include system-auth
password include system-auth
# pam_selinux.so close should be the first session rule
session required pam_selinux.so close
session include system-auth
session required pam_loginuid.so
session optional pam_console.so
# pam_selinux.so open should only be followed by sessions to be executed in the user context
session required pam_selinux.so open
session optional pam_keyinit.so force revoke
[root@smith etc]# service xinetd restart
Stopping xinetd: [FAILED]
Starting xinetd: [ OK ]
[root@smith etc]# netstat –antlp
------------23端口已开启------------
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:804 0.0.0.0:* LISTEN 3590/rpc.statd
tcp 0 0 0.0.0.0:40485 0.0.0.0:* LISTEN 6553/qq
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 3564/portmap
tcp 0 0 0.0.0.0:6000 0.0.0.0:* LISTEN 4717/X
tcp 0 0 0.0.0.0:23 0.0.0.0:* LISTEN 7535/xinetd
[root@smith etc]# telnet localhost
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
getaddrinfo: localhost: Connection timed out
Name or service not known: Illegal seek
Connection closed by foreign host.
[root@smith etc]#
[root@smith ~]# service iptables stop
[root@smith ~]# vi /etc/sysconfig/selinux
------把SELINUX=enforcing改为SELINUX=disable
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
SELINUX=enforcing
# SELINUXTYPE= type of policy in use. Possible values are:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted
[root@smith ~]# hostname
smith
[root@smith ~]# vi /etc/hosts
--------------加入192.168.198.128 smith行
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6
login: Connection closed by foreign host.
[root@smith ~]# telnet localhost
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
Red Hat Enterprise Linux Server release 5 (Tikanga)
Kernel 2.6.18-8.el5 on an i686
login:
至此telnet配置OK,经历了困扰,尤其/etc/hosts文件的配置,也只是照葫芦画瓢,不理解真正的缘由。
来自 “ ITPUB博客 ” ,链接:http://blog.itpub.net/22804047/viewspace-683101/,如需转载,请注明出处,否则将追究法律责任。
转载于:http://blog.itpub.net/22804047/viewspace-683101/