Difference between revisions of "Telnet"

From ArchWiki
Jump to: navigation, search
m (l18n)
m (add ja link)
 
(7 intermediate revisions by 5 users not shown)
Line 1: Line 1:
[[Category:Daemons and system services]]
+
[[Category:Networking]]
 
[[de:Telnet]]
 
[[de:Telnet]]
 
[[es:Telnet]]
 
[[es:Telnet]]
 +
[[ja:Telnet]]
 
[[zh-CN:Telnet]]
 
[[zh-CN:Telnet]]
[[Wikipedia:Telnet|Telnet]] is the traditional protocol for making remote console connections over TCP. Telnet is '''not secure''' and is mainly used to connect to legacy equipment nowadays. For a secure alternative see [[SSH]].
+
[[Wikipedia:Telnet|Telnet]] is the traditional protocol for making remote console connections over TCP. Telnet is '''not secure''' and is mainly used to connect to legacy equipment nowadays. Telnet traffic is easily sniffed for passwords and connections should never be made over any untrusted network including the Internet unless encrypted with [[SSH]] or tunneled though a VPN. For a secure alternative see [[SSH]].
  
Follow these instructions to configure an Arch Linux machine as a telnet server.
+
Follow these instructions to configure an Arch Linux machine for telnet.
  
==Installation==
+
== Installation ==
  
To use telnet only to connect to other machines, install inetutils (if not already installed):
+
To use the telnet client to connect to other machines, [[install]] {{Pkg|inetutils}}.
# pacman -S inetutils
+
  
To configure a telnet server, install xinetd as well:
+
A telnet server can be configured with [[systemd]] sockets or xinetd. telnetd via systemd requires only the inetutils package. To configure a telnet server with xinetd, install {{Pkg|xinetd}} as well.
# pacman -S xinetd
+
  
==Configuration==
+
== Configuration ==
  
1. To allow telnet connections in xinetd, edit {{ic|/etc/xinetd.d/telnet}} and change '{{Ic|1=disable = yes}}' to '{{Ic|1=disable = no}}'
+
To enable telnet server connections in systemd, [[enable]] {{ic|telnet.socket}} if the telnet server should be started on every boot, and [[start]] {{ic|telnet.socket}} to test connectivity.
  
2. Add {{Ic|xinetd}} to the {{Ic|DAEMONS}} array of your [[rc.conf]]:
+
To enable telnet server connections in xinetd, edit {{ic|/etc/xinetd.d/telnet}}, change {{ic|1=disable = yes}} to {{ic|1=disable = no}} and restart the xinetd service.
DAEMONS=(... '''xinetd''')
+
  
3. Reboot or restart xinetd:
+
[[Enable]] systemd xinetd service if you wish to start it at boot time.
# /etc/rc.d/xinetd restart
+
  
===Testing the setup===
+
=== Testing the setup ===
  
 
Try opening a telnet connection to your server:
 
Try opening a telnet connection to your server:
 
  $ telnet localhost
 
  $ telnet localhost
  
Note that you can not login as root.
+
Try a root login to see if your configuration permits it and the security implications that implies.

Latest revision as of 07:07, 13 November 2015

Telnet is the traditional protocol for making remote console connections over TCP. Telnet is not secure and is mainly used to connect to legacy equipment nowadays. Telnet traffic is easily sniffed for passwords and connections should never be made over any untrusted network including the Internet unless encrypted with SSH or tunneled though a VPN. For a secure alternative see SSH.

Follow these instructions to configure an Arch Linux machine for telnet.

Installation

To use the telnet client to connect to other machines, install inetutils.

A telnet server can be configured with systemd sockets or xinetd. telnetd via systemd requires only the inetutils package. To configure a telnet server with xinetd, install xinetd as well.

Configuration

To enable telnet server connections in systemd, enable telnet.socket if the telnet server should be started on every boot, and start telnet.socket to test connectivity.

To enable telnet server connections in xinetd, edit /etc/xinetd.d/telnet, change disable = yes to disable = no and restart the xinetd service.

Enable systemd xinetd service if you wish to start it at boot time.

Testing the setup

Try opening a telnet connection to your server:

$ telnet localhost

Try a root login to see if your configuration permits it and the security implications that implies.