Tags

, ,

–Telnet server in Linux–

Telnet (Terminal Network) is a network protocol that provides a virtual text-based command line interface at a remote location on a remote computer.telnet is a bidirectional network protocol means one can send & receive information using telnet.Telnet is a text- only protocol means you won’t see graphics or fancy images while working with Telnet, nor will you be able to transfer files with Telnet.

 

 

Note:- This configuration properly works on Rhel4, Rhel5, Rhel6, Rhel7, centOS(5,6,7) & Fedora.

 

Read also: SQUID SERVER IN LINUX.

 

Step by step guide to telnet configuration

 

Step 1

 

First of all, we have to install telnet package..To view telnet package in Redhat package manager(rpm) use command:

#rpm -qa | grep telnet

telnet server

 

Step 2

 

So as you see in step 1  we have two packages related to telnet. Now to install these packages, we will use yum package manager. If you don’t know how to install a package using yum then first read ==> yum server configuration in Linux

Use below command to install telnet ==>

 

telnet in linux
Explanation of above command–>

 

-y ==> if you use this option then during installation no yes/no check will be asked.

telnet* ==> all package related to telnet will be installed at once.

Step 3

 

Next go to telnet configuration file ==>

#vim  /etc/xinetd.d/telnet

telnet
We have to modify last line (disable = yes) such as ==>

disable = no

telnet use esc:wq to save this file.

 

Step 4

 

Now we have to restart telnet service.

 

telnet tricks
(Here we use chkconfig xinetd on command to make telnet service entry in startup script (Telnet service will automatically get started at the time of restart)

 

So we successfully installed telnet service on our Linux system. Now we have to do telnet on client or target PC. So let’s dive into the second part of the article==>

 

(how to use telnet in Linux)

(Telnet login as general user on client PC)

 

If you want to do telnet on any computer then the client PC must be in your WiFi network or it must be connected to your PC in LAN.
remember some important points before doing telnet on target pc–>

 

>You need ip address of target pc
>Telnet port must be open on target pc. To check telnet port is open or not on target pc use nmap tool
>To install nmap in linux simply use command:

#yum install nmap*

Tocheck which port in open on client pc==>nmap  ip-address of target pcnmap
>So as you see telnet port is open on the client pc
>Firewall and selinux must be off or disabled on client pc for telnet.
>To flush firewall use command==>

iptables -F (it will remove all firewall settings)
>to disable selinux use command ==> setenforce 0 (it will permit telnet on target PC)
To view selinux status use command ==> getenforce

telnet firewal selinux

 

Do you know what isSWAP SPACE IN LINUX-?

Let’s do Telnet on client Pc

 

So we are ready to do telnet on our target or client pc ==>
Step 1>>  use command ==>

 

telnet (ip-address of client pc)

 

for ex. #telnet 192.168.1.110

 

telnet on target
Now it will ask for username and password so just input correct username and password.
for e.g. username shankar
password ******

 

telnet

 

Step2>>  Now you are on client pc. To check it use command:

who am i
OR
who

 

telnet
Step3>> To get out from client pc use command ==> exit

 

telnet

 

 

(How to log in as a root user on client PC)

 

We can’t login as root user on client PC because by default no extra port is open for remote connections using telnet or ssh. So we have to manually add ports on target PC.

 

How to add ports manually on client pc for root user login??

 

On client PC go to file==>

#vim   /etc/securetty

(securetty file contains all the ports for login purposes)

 

telnet

Now we manually add some ports to the end of above file.

Add pts/1, pts/2, pts/3 etc

 

telnet

 

(With the help of these additional ports we can easily login into target or client pc as root user)

Next save the file ==> esc:wq
>That’s it, now we are ready to log in as root user on client PC with command:

telnet (ip-address of target pc) 

 

#telnet 192.168.1.110

 

telnet in rhel5
So now you are log in on target PC as a root user. Now the target PC is in your full control, you can shutdown target PC, add partitions and do every  function that a root user can do on a Linux system.

 

How to login to a specific user using telnet service?

 

If you know the username and IP address of the target or client PC then you can directly login into the target PC using command==>

#telnet  -l  username@ip-address

 

telnet

 

Some important help commands while doing telnet on target PC==>

 

telnet help

 

“Stop or disable telnet service”

 

As we all know that telnet is not secure so it’s better to turn off telnet service on your PC. To turn off telnet service in red hat Linux follow given steps–>

Go to terminal and use command==>

vim  /etc/xinetd.d/telnet
Now your telnet configuration file will open. In this file. set disable = yes and save the file.

To stop telnet service use command:

#service xinetd stop
#chkconfig xinetd off

 

You can also use the firewall rule to block telnet:

#iptables -t filter -A INPUT -s 192.168.1.0/24 -P telnet -j DROP

 

You can use tcpwrapper to block or disable telnet service.

you can remove Telnet server package by using command:

#yum remove telnet-server

 

(Telnet is not secure)

 

The one thing you must know about Telnet is that it is not a secure protocol. When you login to a remote PC using Telnet, your username and password is sent in plain text. Means they are not encrypted so if a person is using network analyzer tool in a network then by analyzing packets, it will get your username and password very easily. So that’s how telnet is not secure. Due to these security flaws telnet is replaced by more secure ssh protocol.

 

                          Secure telnet server (stelnet)

 

Now we learn how to configure telnet for secure remote login. As we know there  are many security flaws in telnet but still we can configure port-based security on our telnet  server. So now if a user knows ip -address of your PC and want to do telnet on  your secure telnet configured PC then he will be not able to  login to your PC,  it requires both IP -address and port to login through secure telnet server.

 

Secure Telnet Server Configuration

 

Step 1 

 

Copy telnet configuration file to another file named stelnet.

#cp  /etc/xinetd.d/telnet  /etc/xinetd.d/stelnet

 

telnet

 

Step 2

 

Now go to /etc/xinetd.d/stelnet and make changes in it. Here change service from telnet to stelnet, and change disable from yes to no and add port number manually to 8888.

 

telnet

telnet

 

 Step 3

Now we have to add this port no 8888 manually to our Linux machine. Go to /etc/services file and make the entry of port.

#vim /etc/services

telnet

telnet

 

Step 4

 

Now simply restart the xinetd service after making above changes.

#service xinetd restart

 

Step 5

 

Now we will test our telnet login through the port 8888 ==>

 

telnet

 

So its clear that a user need both ip address and port to login through secure telnet. So that’s how we can add port-based security to our telnet server and make it secure from unwanted attacks and hacks.

 

Conclusion

Today in this article we have learned about how to configure telnet server in Linux and how to telnet through general and root user and how to secure our Linux server by assigning port security to it.

>Don’t forget to rate this article and follow us for more interesting Linux articles. Please give feedback in the comment section so that we will help you more  and make better articles.

 

Want more Linux tutorials??

If yes, then request any tutorial related to Linux. Simply mail me at sanjay@helpingyouonline.net