Difference between revisions of "Telnet"

From ArchWiki
Jump to: navigation, search
(Configuration: I couldn't get telnetd to work with the current inetutils package, only with inetutils-git. Tested on three servers.)
 
(24 intermediate revisions by 16 users not shown)
Line 1: Line 1:
[[Category:Daemons_and_system_services (English)]]
+
[[Category:Networking]]
 +
[[de:Telnet]]
 +
[[es:Telnet]]
 +
[[ja:Telnet]]
 +
[[zh-hans:Telnet]]
 +
[[Wikipedia:Telnet|Telnet]] is the traditional protocol for making remote console connections over TCP. Telnet is '''not secure''' and is mainly used to connect to legacy equipment nowadays. Telnet traffic is easily sniffed for passwords and connections should never be made over any untrusted network including the Internet unless encrypted with [[SSH]] or tunneled though a VPN. For a secure alternative see [[SSH]].
  
{{i18n_links_start}}
+
== Installation ==
{{i18n_entry|English|Telnet}}
 
{{i18n_entry|简体中文|Telnet (简体中文)}}
 
{{i18n_links_end}}
 
=Introduction=
 
  
TELNET is the traditional protocol for making remote console connections over TCP. TELNET is not secure, and is mainly used to connect to legacy equipment now days.
+
To use the telnet client to connect to other machines, [[install]] {{Pkg|inetutils}}.
  
Follow these instructions to configure an Arch Linux machine as a telnet server.
+
A telnet server can be configured with [[systemd]] sockets or xinetd. telnetd via systemd requires only the inetutils package. To configure a telnet server with xinetd, install {{Pkg|xinetd}} as well.
  
=Installation=
+
== Configuration ==
  
To only use telnet to connect to other machines, install netkit-telnet:
+
To enable telnet server connections in systemd, [[enable]] {{ic|telnet.socket}} (if the telnet server should be started on every boot), and [[start]] {{ic|telnet.socket}} to test connectivity.
  
<pre>
+
To enable telnet server connections in xinetd, edit {{ic|/etc/xinetd.d/telnet}}, change {{ic|1=disable = yes}} to {{ic|1=disable = no}} and restart the xinetd service.
# pacman -S netkit-telnet
 
</pre>
 
  
To also configure a telnet server, install xinetd as well:
+
[[Enable]] systemd xinetd service if you wish to start it at boot time.
  
<pre>
+
=== Testing the setup ===
# pacman -S xinetd netkit-telnet
 
</pre>
 
  
*Important, "Telnetd is evil legacy code and is not trustworthy - do not run it unless you absolutely need it." a quote from the netkit-telnet readme.
+
Try opening a telnet connection to your server:
 
+
$ telnet localhost
A better option when needing a telnet server, is to install telnet-bsd from AUR instead of netkit-telnet (which also has support for IPv6).
 
 
 
=Configuration=
 
 
 
1. To allow telnet connections in xinetd:
 
<pre>
 
# vi /etc/xinetd.d/telnet
 
</pre>
 
 
 
Change 'disable' from 'yes' to 'no'
 
 
 
2. To allow telnet connections to your machine, add the following to /etc/hosts.allow:
 
<pre>
 
in.telnetd: ALL
 
</pre>
 
  
3. Add xinetd to the "DAEMONS" section of your /etc/rc.conf file.
+
Try a root login to see if your configuration permits it and the security implications that implies.
  
<pre>
+
If the session disconnects before you receive a login prompt, try installing {{AUR|inetutils-git}} in place of the current inetutils and restarting telnet.socket.
DAEMONS=(syslog-ng network netfs crond ............ xinetd)
 
</pre>
 
 
 
4. Reboot or restart xinetd:
 
<pre>
 
# /etc/rc.d/xinetd restart
 
</pre>
 
 
 
===Testing the setup===
 
 
 
Try opening a telnet connection to your server:
 
<pre>
 
$ telnet localhost
 
</pre>
 
  
Note that you can not login as root (to either netkit or bsd telnet).
+
{{Tip|If you receive junk codes from a remote telnet server sending non-ascii chars with a non-unicode encoding, you might want to try {{Pkg|xorg-luit}} to solve this problem.}}

Latest revision as of 00:31, 8 March 2018

Telnet is the traditional protocol for making remote console connections over TCP. Telnet is not secure and is mainly used to connect to legacy equipment nowadays. Telnet traffic is easily sniffed for passwords and connections should never be made over any untrusted network including the Internet unless encrypted with SSH or tunneled though a VPN. For a secure alternative see SSH.

Installation

To use the telnet client to connect to other machines, install inetutils.

A telnet server can be configured with systemd sockets or xinetd. telnetd via systemd requires only the inetutils package. To configure a telnet server with xinetd, install xinetd as well.

Configuration

To enable telnet server connections in systemd, enable telnet.socket (if the telnet server should be started on every boot), and start telnet.socket to test connectivity.

To enable telnet server connections in xinetd, edit /etc/xinetd.d/telnet, change disable = yes to disable = no and restart the xinetd service.

Enable systemd xinetd service if you wish to start it at boot time.

Testing the setup

Try opening a telnet connection to your server:

$ telnet localhost

Try a root login to see if your configuration permits it and the security implications that implies.

If the session disconnects before you receive a login prompt, try installing inetutils-gitAUR in place of the current inetutils and restarting telnet.socket.

Tip: If you receive junk codes from a remote telnet server sending non-ascii chars with a non-unicode encoding, you might want to try xorg-luit to solve this problem.