telnet server on linux

Error message

The spam filter installed on this site is currently unavailable. Per site policy, we are unable to accept new submissions until that problem is resolved. Please try resubmitting the form in a couple of minutes.
Satish Tiwary's picture
telnet in redhat linux

Although telnet is a deprecated method used for remote login, even today it is used for testing purpose and other demonstrations in Linux field. In this post we will make walk you through the steps of installing and configuring telnet server on a redhat Linux machine.

The redhat version that we are using for this tutorial is Red Hat Linux 5.4.

We will install this using YUM package management tool. The main advantage of using YUM for installing is, it handles the dependency issues by itself in a good manner.

 

[root@satish ~]# yum install telnet*
Loaded plugins: rhnplugin, security
Repository 'satish' is missing name in configuration, using id
This system is not registered with RHN.
RHN support will be disabled.
Setting up Install Process
Package 1:telnet-0.17-39.el5.i386 already installed and latest version
Resolving Dependencies
--> Running transaction check
---> Package telnet-server.i386 1:0.17-39.el5 set to be updated
--> Finished Dependency Resolution

 

Step2:Telnet Configuration File in Linux

#vim /etc/xinetd.d/telnet

service telnet
{
       flags          = REUSE
       socket_type    = stream
       wait           = no
       user           = root
       server         = /usr/sbin/in.telnetd
       log_on_failure += USERID
       disable        = no
}

save and exit

note:in above file we have made only a single change and that is we have write disable=no in place of yes.

 

Step3:Restart xinetd service


#service xinetd restart

#chkconfig xinetd on
 
 
Step4: Check your telnet setup now from a telnet client pc.
$telnet 192.168.1.1
 here 192.168.1.1 is the ip address of telnet server.
 
IF you find any problem flush the iptables rules by using below command.

#iptables -F
 
and disable selinux policy by

 #setenforce 0
 
[root@satish ~]# setenforce 0
setenforce: SELinux is disabled

 

Step5:Now check telnet login by telneting satish.com host

[root@satish ~]# telnet satish.com
Trying 192.168.1.1...
Connected to satish.com (192.168.1.1).
Escape character is '^]'.
Red Hat Enterprise Linux Server release 5.4 (Tikanga)
Kernel 2.6.18-164.el5 on an i686

 

How to Check the telnet support commands for a specific user.

 

[root@localhost ~]# telnet -l satish@192.168.1.1
telnet> help

 

How to connect through a site using telnet?

telnet> open slashroot.in
Trying 199.79.62.54...

 

How to login through a particular user using telnet command?

[root@localhost ~]# telnet -l satish@192.168.1.1
telnet> open 192.168.1.1
Trying 192.168.1.1...
Connected to 192.168.1.1 (192.168.1.1).
Escape character is '^]'.
Password:
Login incorrect

login: satish
Last login: Wed Apr 24 00:54:13 from 192.168.1.1
[satish@localhost ~]$ whoami
satish
[satish@localhost ~]$


How to use diplay command here?

telnet> display
 

How to use telnet mode?

telnet> mode

 

TELNET SERVER IS INSECURE

Telnet is used to remote login. The login name and password are in clear text format while logging. so if some one is tracing our connection using wireshark like tools, then he/she can easily see your data along with your login id and password.And even a remote user can easily find that your telnet port is on or not by just using simple nmap command.

[root@localhost test]# nmap 192.168.1.1

Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2013-04-24 01:27 EDT
Interesting ports on 192.168.1.1:
Not shown: 1673 closed ports
PORT      STATE SERVICE
23/tcp    open  telnet
79/tcp    open  finger
111/tcp   open  rpcbind


Nmap finished: 1 IP address (1 host up) scanned in 0.463 seconds

Hence one can clearly see that port for telnet is open.so now he or she can attempt to have a remote login on this machine and to get remote login username and password he/she can use wireshark.

IF YOU ARE USING UBUNTU :

#apt-get update
#apt-get install wireshark tshark

If you are using Rhel,  Fedora or CentOS:

root@localhost test]# yum install wireshark*

So what to do when you find no use of telnet in your system?

  • Check  telnet configuration file(/etc/xinetd.d/telnet) and set the "Disable" option to "yes".
  • Check another file which is optional file to configure telnet (/etc/xinetd.d/krb5-telnet) and also set the Disable option to yes here too.
  • You can also disable telnet through Firewall.
  • Tcpwrapper can also be used to block telnet service.
  • Disable telnet service     [root@satish ~]# service xinetd stop    
  •                                                                                                                                                           *                [root@satish ~]# chkconfig xinetd off

 

  • you can also remove telnet server package.

 

  • [root@satish ~]# yum remove telnet-server    ---->>this will uninstall telnet server
     

 

What if your company ask you to configure telnet for remote login?

How will you configure telnet for secure remote login?

How will you use ablity of xinetd to control the amount of its resources to utilize in optimize way and secure way?

Altough it is not a good idea now a days to configure telnet for remote login, But still we can make telent secure by applying some security levels to it if we are asked to implement telnet for secure Login.

 

We can bind telnet with Kerberose Server to make Telnet Secure.

 

How to make Telnet Server Secure with configuring it on a customized port?

or  Configure telnet for secure remote login.

Secure Tenet Server Configuration:

 

step1: copy telnet configuration file to another file name stelnet.

[root@localhost ~]# cp /etc/xinetd.d/telnet /etc/xinetd.d/stelnet

step2:Now make changes in configuration file /etc/xinetd.d/stelnet and change  service from telnet to stelnet, change disable from yest no and add port number manually here it's 8888.

service stelnet
{
        flags           = REUSE
        socket_type     = stream
        wait            = no
        user            = root
        server          = /usr/sbin/in.telnetd
        log_on_failure  += USERID
        disable         = no
        port            =8888
}


step3:Now manuaaly add port number to your linux machine and inform them that you are going to use it for telnet purpose.

Go to /etc/services file and make this entry.

 

stelnet         8888/tcp                        #secure telnet port
tcpmux          1/tcp                           # TCP port service multiplexer
tcpmux          1/udp                           # TCP port service multiplexer

 

step4:Restart the xinetd service after making above changes.

[root@localhost ~]# service xinetd restart
Stopping xinetd:                                           [  OK  ]
Starting xinetd:                                           [  OK  ]

 

step5:Now test your telnet login through your newly assigned port.

so now you need to know ip and port both if you want to login through telnet because bydefault port of telnet 23 has been changed now.

[root@localhost ~]# telnet 192.168.1.1 8888
Trying 192.168.1.1...
Connected to 192.168.1.1 (192.168.1.1).
Escape character is '^]'.
Red Hat Enterprise Linux Server release 5.4 (Tikanga)
Kernel 2.6.18-164.el5 on an i686
login: satish
Password:
Last login: Sat Jul 20 11:06:01 from 192.168.1.1
[satish@localhost ~]$

 

How to send mail using telnet (telnet+smtp)

Integrating smtp over telnet or you can say telnet over smtp port.

Now for troubleshooting SMTP or mailing services we can use telnet. Here we learn how to send mail using telnet.Since we know that smtp(Simple Mail Transfer Protocol )works on port 25. So we get connected on smtp port using telnet and send mail.

 

[root@satish ~]# telnet satish.com 25
Trying 1.1.1.1...
Connected to satish.com (1.1.1.1).
Escape character is '^]'.
220 satish.com ESMTP Sendmail 8.13.8/8.13.8; Wed, 12 Feb 2014 12:14:49 +0530
ehlo satish
250-satish.com Hello satish.com [1.1.1.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-DELIVERBY
250 HELP
mail from:root@satish.com
rcpt to:shivangi@satish.com
data
hey shivangi I love You!                                    
howz your classes going on?
have you got admission in LMNIT?
.
250 2.1.0 root@satish.com... Sender ok
250 2.1.5 shivangi@satish.com... Recipient ok
354 Enter mail, end with "." on a line by itself
250 2.0.0 s1C6inOC015669 Message accepted for delivery
quit

Explanation:

we are sitting on satish.com.

root and shivangi are two users on satish.com machine.

root want to send a mail to user shivangi using telnet and smtp port.

mail from:root@satish.com      it means root is the sender and is on satish.com

rcpt to: shivangi@satish.com   it means data or mail will be sent to user shivangi which is also on satish.com.

data                                          any content can be written after typing data only ,not otherwise.

.                                                (.) dot is used to specify that now we have no more data to write or send.

quit                                           this command tells to quit after sending mails back to terminal.
 

How to receive or retrieve mails from inbox or mail server using telnet.(Telnet+pop3)

Here we learn how to retrieve emails using telnet.Since When telnet combines with port 110 it works like a pop3 protocol and able to reterive mails from inbox.

now see how to retrieve or read the message send by root user. On the same machine we telnet on port 110 which is pop3 port.

As we all know POP uses TCP port 110.

And POP3s uses SSL encryption over TCP port 995.

Here we are going to use port 110 it means no SSL support.

[root@satish ~]# telnet satish.com 110
Trying 1.1.1.1...
Connected to satish.com (1.1.1.1).
Escape character is '^]'.
+OK Dovecot ready.
user shivangi
+OK
pass shivangi
+OK Logged in.
stat
+OK 1 412
list
+OK 1 messages:
1 412
.
retr 1
+OK 412 octets
Return-Path: <root@satish.com>
Received: from satish (satish.com [1.1.1.1])
        by satish.com (8.13.8/8.13.8) with ESMTP id s1C6inOC015669
        for shivangi@satish.com; Wed, 12 Feb 2014 12:17:04 +0530
Date: Wed, 12 Feb 2014 12:14:49 +0530
From: root <root@satish.com>
Message-Id: <201402120647.s1C6inOC015669@satish.com>

hey shivangi I love You!
howz your classes going on?
have you got admission in LMNIT?
.
quit

Explanation:

user shivangi                 define the name of user whom you want to login and read.

pass shivangi                It means password for above user is shivangi.

list                                 shows the list of messages or mails in inbox

retr 1                             means go and open or retrieve mail 1.

.                                    dot means task is over and we are ready to quite from here.

quit                               exit from here after everything done.

IF YOU WANT TO READ MORE ABOUT TELNET YOU CAN GET IT HERE

Rate this article: 
Average: 4.6 (5 votes)

Add new comment

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.