We help IT Professionals succeed at work.

Setup FTP and TELNET on Mandrake 7.2

Kong
Kong asked
on
Hi all,

This is a very simple question and I'm too lazy to read up doco...

I have chosen the Developer install option and would like to start the telnet and ftp daemons how do I go about doing that?

Thanks all.
Comment
Watch Question

Top Expert 2005

Commented:
Typically you don't "start up" the telnet and/or ftp daemons. They are managed by inetd or xinetd (I don't know which MD 7.2 uses, but I suspect inetd). Assuming the relevant server packages are installed (check with 'rpm -qa | grep telnet" and 'rpm -qa | grep ftp'), you enable the services by editing /etc/inetd.conf and uncommenting the relevant lines or removing 'disable = yes' in the /etc/xinetd.d/telnet or /etc/xinetd.d/ftp files. After either change you have to tell the master daemon to re-read its config file ('killall -HUP inetd' or 'killall -USR2 xinetd' or reboot). Note that if there is a firewall running you'll need to adjust the ruleset to allow access to the services.
KongAWS Certified Solutions Architect - Professional
BRONZE EXPERT

Author

Commented:
Hi jlevie,

Here is the output from the following commands:

[root@LINUX xinetd.d]# rpm -qa | grep ftp
gftp-2.0.7b-2mdk
lftp-2.2.5-3mdk
ftp-0.17-2mdk
sftp-0.7-4mdk
dpsftplib-0.1.6-2mdk
dpsftplib-devel-0.1.6-2mdk
ncftp-3.0.1-8mdk
dpsftp-0.6.1-4mdk  

[root@LINUX xinetd.d]# rpm -qa | grep telnet
telnet-0.17-5mdk  

I don't have the telnet nor ftp files in my /etc/xinetd.d directory...

In my /etc/inetd.conf file I have the following lines:

# These are standard services.
#
ftp     stream  tcp     nowait  root    /usr/sbin/tcpd  in.ftpd -l -a
telnet  stream  tcp     nowait  root    /usr/sbin/tcpd  in.telnetd              

Does this help?                                                                                                              
KongAWS Certified Solutions Architect - Professional
BRONZE EXPERT

Author

Commented:
btw this is the output of netstat --list:

[root@LINUX /etc]# netstat --list
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 *:1025                  *:*                     LISTEN
tcp        0      0 *:6000                  *:*                     LISTEN
tcp        0      0 *:1024                  *:*                     LISTEN
tcp        0      0 *:10000                 *:*                     LISTEN
tcp        0      0 *:mysql                 *:*                     LISTEN
tcp        0      0 *:631                   *:*                     LISTEN
tcp        0      0 *:756                   *:*                     LISTEN
tcp        0      0 *:printer               *:*                     LISTEN
tcp        0      0 *:swat                  *:*                     LISTEN
tcp        0      0 *:auth                  *:*                     LISTEN
tcp        0      0 *:sunrpc                *:*                     LISTEN
udp        0      0 *:xdmcp                 *:*
udp        0      0 *:10000                 *:*
udp        0      0 *:631                   *:*
udp        0      0 *:754                   *:*
udp        0      0 *:1024                  *:*
udp        0      0 *:sunrpc                *:*
raw        0      0 *:icmp                  *:*                     7
raw        0      0 *:tcp                   *:*                     7
Active UNIX domain sockets (only servers)
Proto RefCnt Flags       Type       State         I-Node Path
unix  0      [ ACC ]     STREAM     LISTENING     1144   /tmp/ksocket-root/klauncher.1379411977.slave-socket
unix  0      [ ACC ]     STREAM     LISTENING     698    /dev/printer
unix  0      [ ACC ]     STREAM     LISTENING     1021   /tmp/.X11-unix/X0
unix  0      [ ACC ]     STREAM     LISTENING     888    /dev/gpmctl
unix  0      [ ACC ]     STREAM     LISTENING     1131   /tmp/.ICE-unix/959
unix  0      [ ACC ]     STREAM     LISTENING     949    /tmp/.font-unix/fs-1
unix  0      [ ACC ]     STREAM     LISTENING     1126   /tmp/ksocket-root/kdeinit-:0
unix  0      [ ACC ]     STREAM     LISTENING     1276   /tmp/.ICE-unix/996
unix  0      [ ACC ]     STREAM     LISTENING     1205   /tmp/mcop-root/LINUX_-03c9-3c587d60
unix  0      [ ACC ]     STREAM     LISTENING     980    /var/lib/mysql/mysql.sock                        
Top Expert 2005

Commented:
I don't see the telnet & ftp server packages listing in your rpm query results and the lack of /etc/xinetd.d/ftp and telnet confirms that they aren't installed. You'll need to install the two rpms from your installation meda and they are probably named telnet-server-???? and ftp-server-????. When those packages have been installed you'll need to make sure that they are enabled in the xinetd.d config files, per the above.
KongAWS Certified Solutions Architect - Professional
BRONZE EXPERT

Author

Commented:
Silly question but... how do I install the rpms? I have the second MD 7.2 Installation CD...
Top Expert 2005
Commented:
Oh that's easy. First you need to know where the packages are on the CD. I don't use mandrake so I can't tell you where they are but it shouldn't be too difficult to find them using something like (which would work on a RedHat distro):

chaos> mount /mnt/cdrom
chaos> find /mnt/cdrom -name "telnet-*"
/mnt/cdrom/RedHat/RPMS/telnet-0.17-20.i386.rpm
/mnt/cdrom/RedHat/RPMS/telnet-server-0.17-20.i386.rpm

From the above I can see where the telnet-server rpm is. So I then install it with:

chaos> rpm -i /mnt/cdrom/RedHat/RPMS/telnet-server-0.17-20.i386.rpm

Once you know where to look on the CD you'll find the ftp server in the same place. I'd just about bet that you'll find the rpms on the CD under 'Mandrake/RPMS'
KongAWS Certified Solutions Architect - Professional
BRONZE EXPERT

Author

Commented:
I found the wu-ftp rpms on the second CD, however installing it using rpm -i did not work complaining that it is already installed.

However, telnet rpm installed without complaints but there was no telnet config file in the /etc/xinetd.d directory...

Anyway, I rebooted with MD CD1 and performed an upgrade to Server. Now I've managed to get ftp working however still no luck with telnet.

Do you have any clues?
Top Expert 2005

Commented:
Hmm, can I see what 'ps -ef | grep inetd | grep -v grep' returns? And I'd like to see what 'rpm -q telnet-server' returns as well as what the contents of /etc/xinetd.d are.
KongAWS Certified Solutions Architect - Professional
BRONZE EXPERT

Author

Commented:
telnet-server was on the installation CD of MD 7.2 I installed it, restarted the xinetd server and voi la!

However, I can't telnet in as root which file do I update to fix that? Don't worry, this is a 'trusted' internal sub-network...

Thanks
Top Expert 2005

Commented:
If you really must do that, then the file to edit is /etc/securettys. Add lines like pts/0, pts/1, etc. You don't have to add all the pts nodes, but put enough in so that normal use of the system won't exhaust them and will leave one of two for telnet use.
KongAWS Certified Solutions Architect - Professional
BRONZE EXPERT

Author

Commented:
This may be a silly question, but now that I've opened up port 23, internet users can ping my IP.

Would changing the telnet port resolve this and how do I configure the telnet server to a new port?

Thanks again
Top Expert 2005

Commented:
Opening port 23/TCP for telnet (or FTP) has nothing to do with pings. Normally a ping is done using ICMP protocol rather than TCP. It's possible to use TCP or UDP, but then the port number is 7.
KongAWS Certified Solutions Architect - Professional
BRONZE EXPERT

Author

Commented:
Do you know how I can disable pings?

I'm behind a DLink firewall/router, for some reason it's letting pings in now.

Thanks
Top Expert 2005

Commented:
Pings aren't a terrible security risk. About the worst that can happen is the you can be the subject of a Denial of Service (DoS) attack. If you've got a single outside IP, like when using ADSL or cable modem, it's probably the D-Link router/firewall that's answering the pings. And the D-Link would certainly be the place to block ICMP traffic, if it has that capability.
KongAWS Certified Solutions Architect - Professional
BRONZE EXPERT

Author

Commented:
You were right, it was handled @ the router end. It's now blocked.

Thanks for all your help Jim.

K
KongAWS Certified Solutions Architect - Professional
BRONZE EXPERT

Author

Commented:
Thanks a million!
Top Expert 2005

Commented:
You're welcome, I'm glad to have been able to help.