# Telnet

## thompsonmike

I can't get my Telnet server to accept incoming connections......

I have emerged a telnet package, and can telnet from it as a client, but cannot telnet into my own box.

I only use telnet locally on my network, if I need access externally I use SSH.

Do I need to emerge something else, or perhaps list telnet as a service somewhere?

I have only ever used RedHat before, and all that hand holding is good, but I am feeling *really* lost at the moment!

Also, I need a POP3 server running on the system so clients can grab their mail, I have emerged Postfix, and a POP3 server, (qpopper) but can get a connection, is this possibly something to do with the same problem as Telnet?

----------

## !k

after the emerge, you're going to have to start the server.

----------

## thompsonmike

 *!k wrote:*   

> after the emerge, you're going to have to start the server.

 

Umm. 

What is the syntax of starting the server?

telnetd run on its own gives an error about operation on a non socket.. and telnetd port number also gives errors.

And how would I start this at bootup? There is no entry in /etc/init.d/

Last edited by thompsonmike on Tue Jan 20, 2004 5:24 am; edited 1 time in total

----------

## DopeGhoti

Try 

```
/etc/init.d/telnetd start
```

to start it manually, and to have the server run automatically, run 

```
rc-update add telnetd default
```

----------

## thompsonmike

 *DopeGhoti wrote:*   

> Try 
> 
> ```
> /etc/init.d/telnetd start
> ```
> ...

 

There is no entry in /etc/init.d/

/etc/init.d/telnetd doesn't exist........

----------

## DopeGhoti

I just emerged netkit-telnetd on my system to see how it's set up, and it looks like it's set to run under xinetd.

Open up /etc/xinetd.d/telnetd in $FAVOURITE_EDITOR, and make it look like this:

```
service telnet
{
        flags           = REUSE
        socket_type     = stream
        wait            = no
        user            = root
        server          = /usr/sbin/in.telnetd
        log_on_failure += USERID
        disable         = no
}
```

The important line there (the one to change) is the last one- disable is set to yes by default.

Then make sure xinetd is restarted- 

```
yourhost root # /etc/init.d/xinetd restart
 * Stopping xinetd...                                                     [ ok ]
 * Starting xinetd...                                                     [ ok ]
```

and you should be golden!

----------

## !k

you're going to want to emerge xinetd and have xinetd invoke an instance of telnetd when someone attempts to connect.

it's easy... you may have to edit /etc/xinetd.conf

and surely edit /etc/xinetd.d/telnetd ... I think you have to change disable from yes to no here...

I forget.

----------

## thompsonmike

excellent, thank you....

 :Razz: 

Sorry to appear thick, but it is quite odd coming from a hand holding OS like RedHat to Gentoo, that while it is simple, is hoods open, lets play with that and see how it works sort of stuff...

----------

## DopeGhoti

Not a problem at all; that's one of the things I really like about Gentoo- you really need to get your hands dirty to get your system the way you want it, and you learn a lot on the way.  The only distro I've ever used that was even nearly as hands-on was Slackware, and the system wasn't nearly as friendly as Gentoo is.

----------

## ben

Hi,

I shouldn't be that pushy, but:

Why don't you use ssh on your internal network? I mean this is not that much more complicated than telnet, plus you get extra scp (great tool).

Did you know that you can have the key stored on your server machine so you don't even need to give a password when you ssh in?

Oh and I would suggest using screen so you can have multiple sessions at once, and pick them up at a later time, or from a different machine.

HTH

Ben

----------

## kashani

I've always been a fan of the telnet-bsd package which will run standalone instead of requiring you to install xinetd as well. Useful to have if you're updating ssh and want to have a telnet session going just in case. 

kashani

----------

## gary

Hi, all

I have taken kashani's advice and emerged telnet-bsd. I intend to use it to occasionally log on to my laptop from my desktop (mostly for maintenance purposes), so I want to start the telnetd manually when needed, rather than have it running constantly. 

The thing is, as a certified (certifiable?) n00b, I do not know, and cannot find in the man or info pages, how to configure/manually launch the daemon.  Is this possible, or must I list it in the rc to launch on each boot?  

BTW, I have tried /etc/init.d/telnetd start - no joy.

Anyway, I would appreciate it if someone could point me in the direction of a good resource or two about this. I am sure it is very simple, if you know how...

Thanks in advance for any thoughts.  :Very Happy: 

Gary

----------

## Mnemia

I'm sure you know this, but telnet is a security risk even if you only use it on your local network because it sends passwords in cleartext. Depending on your topology, etc., if someone gets a sniffer on your network by hacking some machine they might be able to grab your telnet passwords. If you do need to use telnet as opposed to SSH be sure to

a) firewall out all incoming telnet connections at border routers;

b) religiously update your telnet daemon and xinetd;

c) possibly configure your telnetd/local firewall to reject all telnet traffic not from explicitly trusted hosts

d) change your telnet passwords at very frequent intervals.

As pointed out above, there aren't many reasons to choose telnet over SSH these days and most people have switched over for remote shell access. If you really really need this then be sure to pay attention to security. I'm guessing most of you already know this but I think it needs to be repeated so that other less experienced readers reading this thread are aware of the issues.
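The xinetd file posted earlier in the thread enables telnet for any source address, while point (c) above asks for trusted hosts only. As an added example (not code from any poster), this shell function reports which xinetd services are enabled without an `only_from` restriction; the sample files and the 192.168.0.0/24 range are constructed assumptions.

```shell
# audit_xinetd FILE...
# One line per service block: "<service> <enabled|disabled> <restriction>".
# Reads per-service files only; a "defaults" block in xinetd.conf is not merged.
audit_xinetd() {
    awk '
        $1 ~ /^#/       { next }
        $1 == "service" { name = $2; disabled = "no"; only = ""; next }
        name == ""      { next }
        $1 == "disable" && $2 == "=" { disabled = $3 }
        $1 == "only_from" && ($2 == "=" || $2 == "+=") {
            for (i = 3; i <= NF; i++) only = (only == "" ? $i : only "," $i)
        }
        $1 == "}" {
            state = (disabled == "yes") ? "disabled" : "enabled"
            restr = (only == "") ? "unrestricted" : "only_from=" only
            print name, state, restr
            name = ""
        }
    ' "$@"
}

# Names of services that are enabled and reachable from any address.
exposed_services() {
    audit_xinetd "$@" | awk '$2 == "enabled" && $3 == "unrestricted" { print $1 }'
}

# Constructed samples: an open telnet service, and the same service limited
# to one LAN (the address range is an assumption).
write_samples() {
    cat > "$1/telnetd.open" <<'EOF'
service telnet
{
        socket_type     = stream
        server          = /usr/sbin/in.telnetd
        disable         = no
}
EOF
    cat > "$1/telnetd.lan" <<'EOF'
service telnet
{
        socket_type     = stream
        server          = /usr/sbin/in.telnetd
        only_from       = 192.168.0.0/24
        disable         = no
}
EOF
}
```

On a real system, point `exposed_services` at `/etc/xinetd.d/*`; an empty result means every enabled service carries its own `only_from` line.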

----------

## gary

Thanks for the reply, Mnemia, great stuff.

I have a very basic question about SSH, which would determine its suitability for this particular purpose.

I have a very complex   :Rolling Eyes:  computing environment here: an LM8.2 powered (for the moment) desktop machine with a direct ethernet connection to my newly Gentoo-powered laptop.  I have sshd running on the desktop, as I used it to rsync files with the laptop when it was LM9.1 powered.

So - my really basic question is - assuming I get the ssh client set up on the laptop (which I intend to undertake now), can I use that setup to login FROM  the desktop server TO the laptop ssh client, or would I have to set up the sshd on both machines? 

That functionality is the reason I was thinking of setting up telnet for occasional use on the laptop. Setting up one ssh server is one thing - it seems that setting up two (one for occasional use only) is kind of tempting fate, somehow. Murphy knows all about networking, don't he? But perhaps I overestimate his (Murphy's) opportunities in such a setup.

What think'ee?

TIA for any thoughts!    :Very Happy: 

Gary

----------

## Mnemia

It'd be a lot safer to just use two SSH servers (the machine you are logging onto always needs an sshd running unless you're doing something fancy...). When you emerge openssh on Gentoo it comes already set up so there isn't much you have to do unless you want to use RSA/DSA keys to avoid having to type passwords when you log in. 

The only Gentoo default I'd recommend you change in the /etc/ssh/sshd_config file is the PermitRootLogin option. You should set that to no because you don't want people to be able to try to guess your root password remotely. If you need to use root remotely then you can login as a user in the wheel group and then use su/sudo to change to root.

Other than that it'll all be setup for you. Just emerge openssh on both machines and then do

```
/etc/init.d/sshd start
```

That'll set up the keys for you automatically the first time it runs and then start the server. Then you can

```
ssh username@hostname
```

and login with your regular user account password and everything should work.

Even running the two servers will be a lot safer than having a telnetd on your network. You do need to be careful to keep it updated for security reasons because it does open a remote port and SSH vulnerabilities are found with some regularity. The telnet protocol on the other hand is inherently vulnerable and cannot be fixed so that it is secure.

EDIT: okay, that's not strictly true about telnet. But the "standard" telnet protocol does not support secure authentication or communication.
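A check for the PermitRootLogin change recommended above, as an added example that is not part of the original post. It reads the global section of an sshd_config the way sshd does (first occurrence of a keyword wins, keywords are case-insensitive); the function names and sample files are constructed, and `Include` directives and the `Keyword=value` spelling are not handled.

```shell
# root_login_setting FILE
# Prints the PermitRootLogin value from the global section of FILE.
# Scanning stops at the first "Match" line, because settings after it apply
# only conditionally. Prints "unset" when the keyword is absent, in which
# case the compiled-in default of the installed OpenSSH applies.
root_login_setting() {
    awk '
        $1 ~ /^#/ { next }
        tolower($1) == "match" { exit }
        tolower($1) == "permitrootlogin" { print tolower($2); found = 1; exit }
        END { if (!found) print "unset" }
    ' "$1"
}

# Succeeds only when remote root login is explicitly disabled globally.
root_login_disabled() {
    [ "$(root_login_setting "$1")" = "no" ]
}

write_sshd_samples() {
    # Constructed: a "no" appended at the end is ignored, the earlier "yes" wins.
    cat > "$1/sshd_config.appended" <<'EOF'
#PermitRootLogin no
Port 22
PermitRootLogin yes
PermitRootLogin no
EOF
    # Constructed: the only "no" sits inside a Match block, so it is conditional.
    cat > "$1/sshd_config.match" <<'EOF'
Port 22
Match Address 192.168.0.0/24
    PermitRootLogin no
EOF
    # Constructed: the setting the post recommends.
    cat > "$1/sshd_config.fixed" <<'EOF'
Port 22
PermitRootLogin no
EOF
}

d=$(mktemp -d); write_sshd_samples "$d"
for f in "$d"/*; do echo "${f##*/}: $(root_login_setting "$f")"; done
rm -r "$d"
```

On a live host, `sshd -T` run as root prints the effective configuration and is the authoritative check.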

----------

## gary

Hmmm. You know, Mnemia, I think that sounds like a plan. 

I was not aware that the autologin (no password needed) bit was (somewhat) optional. I think I will set that up (or try to - it never has worked exactly right for me) on the desktop machine, but not bother on the laptop daemon, as I will only start and use it occasionally.

 :Very Happy:   :Very Happy:  Thanks again for your help!   :Very Happy:   :Very Happy: 

Gary

----------

## nevynxxx

As an aside. Is there a nice way of getting a telnet client, and just a telnet client. I don't want the server, but do like to be able to telnet into mail servers and nntp servers and stuff on occasion.

----------

