Solved

telnet on linux

Posted on 2002-07-11
9
417 Views
Last Modified: 2013-12-15
here is a problem i am facing see, see if u can help me......


i had installed linux (red hat 7.0) on a machine and had assigned 192.168.1.100 as ip address to that machine.
  I am not ble to log onto my linux machine from other machine (on
the same network) with Telnet 192.168.1.100.
 but if i write telnet 192.168.1.100 after logging in at linux machine then i am getting login prompt and i am able to login again.
 Xinetd service is running.
 tcp and udp service are also running.
 In /etc/xinetd/telnet file telnet service is enable.
 I am able to ping from linux machine to other PC on the network and vice versa.Ping is working correctly.

If i have to stop and start telnet service manually then how should i proceed.
   
 How should i proceed
   thanks

paramjit singh
0
Comment
Question by:paramibm
9 Comments
 
LVL 1

Expert Comment

by:smisk
ID: 7146145
It sounds like you have ipchains running to prevent connections from other hosts.  Can you post the results of the following command (as root) :

%> /sbin/ipchains -L
0
 
LVL 1

Expert Comment

by:swapsthegreat
ID: 7146279
when u telnet from other machine, do u get connected and cant login or u dont get connected at all ?

also check hosts.allow and hosts.deny in addition to smisk's suggestion
0
 

Expert Comment

by:81ncpappy
ID: 7159729
Sounds to me like a PAM issue...  If you check the file located at "/etc/pam.d/login" you should see a line near the top that requires all logins be from a secure terminal (meaning the physical console, IE not remote).  If you either delete or comment out this line you should be able to telnet in.  One other solution would be to use SSH, telnet is very bad since it can easily be compromised by sniffing the passwords...

Here is the line to comment out.

#auth       required    /lib/security/pam_securetty.so

Hope this helps.

Nick
0
 
LVL 1

Expert Comment

by:ErikKruijswijk
ID: 7169036
AUthorization for a service like telnet, works in a few steps.
1: tcp level, can a service be connected via the network ?
ipchains or later iptables can be configured in such a way that it does not allow a telnet connection from anywhere but the localhost.
To resolve this, you should check your firewall settings to allow tcp port 23.
ipchains -A -p tcp --destination-port 23 -j ACCEPT
iptables -A -p tcp --dport 23 -j ACCEPT

2: computername, specify the computer wich can connect to the service. This is specified in the /etc/hosts.allow and /etc/hosts.deny files.
you can set the hosts.deny file to ALL:ALL. This will deny all systems.
Then, specify in hosts.allow the service:computer
in.telnetd:MYSYSTEM or ALL:MYSYSTEM
Make sure, the systemname MYSYSTEM is known in /etc/hosts

3: PAM enabled services.
You can setup the telnet service to use PAM authentication, so that numerous settings are checked, before access to the service is allowed.
With PAM you can create a file, with "nontelnet users", wich will give access to the telnet service if the username is not found in the "non telnetusers file".

If this is all correctly implemented, you should be able to connect to the telnet service.
BUT, telnet is nice, but it is a very  dangerous service, whereas usernames and passwords are sent over the line in clear text. ssh is a lot safer methode of having a prompt on the remote machine.

Hope this helps.
0
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

 
LVL 1

Expert Comment

by:bushmannt
ID: 7180466
are you trying to log in with root?  most (sane) distros disallow you from telneting in directly as root, you must log in as joeuser first, and then su root.
0
 

Expert Comment

by:CleanupPing
ID: 9076996
paramibm:
This old question needs to be finalized -- accept an answer, split points, or get a refund.  For information on your options, please click here-> http:/help/closing.jsp#1
EXPERTS:
Post your closing recommendations!  No comment means you don't care.
0
 
LVL 1

Expert Comment

by:drewber
ID: 9220368
This question has been classified abandoned. I will make a recommendation to the moderators on its resolution in a week or two. I appreciate any comments that would help me to make a recommendation.
 

Unless it is clear to me that the question has been answered I will recommend delete. It is possible that a Grade less than A will be given if no expert makes a case for an A grade. It is assumed that any participant not responding to this request is no longer interested in its final disposition.

 
If the user does not know how to close the question, the options are here:
http://www.experts-exchange.com/help/closing.jsp
 
drewber
0
 
LVL 12

Expert Comment

by:paullamhkg
ID: 10380088
No comment has been added lately, so it's time to clean up this TA.
I will leave the following recommendation for this question in the Cleanup topic area:

PAQ - no points refunded

Please leave any comments here within the next four days.
PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

paullamhkg
EE Cleanup Volunteer
0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
ID: 10420909
PAQed - no points refunded (of 20)

Computer101
E-E Admin
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Using 'screen' for session sharing, The Simple Edition Step 1: user starts session with command: screen Step 2: other user (logged in with same user account) connects with command: screen -x Done. Both users are connected to the same CLI sessio…
I. Introduction There's an interesting discussion going on now in an Experts Exchange Group — Attachments with no extension (http://www.experts-exchange.com/discussions/210281/Attachments-with-no-extension.html). This reminded me of questions tha…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now