Linux telnet 安装及介绍
1、软件安装及配置
1.1 安装telnet-server 、telnet 和 xinetd
telnet 的自启动依赖于 xinetd ,需要同时进行安装。
[root@Tang ~]# yum install xinetd telnet-server telnet -y
1.2 配置文件修改(CentOS 7 以上可跳过)
现在很多 CentOS 7 版本安装 telnet-server 以及 xinetd 没有 telnet 的配置文件。
如果 telnet 文件不存在的话,可以跳过这部分的更改。
[root@Tang ~]# ll /etc/xinetd.d/telnet
ls: cannot access /etc/xinetd.d/telnet: No such file or directory
如果下面文件存在,请更改配置 telnet 可以 root 登录,把 disable = no 改成disable = yes 。
[root@Tang yum.repos.d]# cat /etc/xinetd.d/telnet
# default: on
# description: The telnet server serves telnet sessions; it uses \
# unencrypted username/password pairs for authentication.
service telnet
{
disable = no
flags = REUSE
socket_type = stream
wait = no
user = root
server = /usr/sbin/in.telnetd
log_on_failure += USERID
}
[root@Tang yum.repos.d]# vim /etc/xinetd.d/telnet
[root@Tang yum.repos.d]# cat /etc/xinetd.d/telnet
# default: on
# description: The telnet server serves telnet sessions; it uses \
# unencrypted username/password pairs for authentication.
service telnet
{
disable = yes
flags = REUSE
socket_type = stream
wait = no
user = root
server = /usr/sbin/in.telnetd
log_on_failure += USERID
}
配置telnet登录的终端类型,在/etc/securetty文件末尾增加一些pts终端,如下
pts/0
pts/1
pts/2
pts/3
配置之后的显示
[root@Tang ~]# vim /etc/securetty
[root@Tang ~]# tail -5 /etc/securetty
xvc0
pts/0
pts/1
pts/2
pts/3
1.3 启动服务并设置开机启动
[root@Tang ~]# systemctl enable xinetd
[root@Tang ~]# systemctl enable telnet.socket
Created symlink from /etc/systemd/system/sockets.target.wants/telnet.socket to /usr/lib/systemd/system/telnet.socket.
[root@Tang ~]# systemctl start xinetd
[root@Tang ~]# systemctl start telnet.socket
1.4 查看端口号是否监听正常
[root@Tang ~]# ss -tnl | grep 23
LISTEN 0 128 :::23 :::*
2、软件测试
2.1 telnet 自测失败
因为安装了 telnet 客户端,所以可以进行自测。
发现自测失败。
[root@Tang ~]# telnet localhost
Trying ::1...
Connected to localhost.
Escape character is '^]'.
Kernel 3.10.0-957.el7.x86_64 on an x86_64
Tang login: root
Password:
Login incorrect
Tang login: Connection closed by foreign host.
2.2 telnet 自测失败解决办法
修改 /etc/pam.d/remote 文件,对 第二行进行 注释。
# 查看文件
[root@Tang ~]# cat /etc/pam.d/remote
#%PAM-1.0
auth required pam_securetty.so
auth substack password-auth
auth include postlogin
account required pam_nologin.so
account include password-auth
password include password-auth
# pam_selinux.so close should be the first session rule
session required pam_selinux.so close
session required pam_loginuid.so
# pam_selinux.so open should only be followed by sessions to be executed in the user context
session required pam_selinux.so open
session required pam_namespace.so
session optional pam_keyinit.so force revoke
session include password-auth
session include postlogin
# 修改文件
[root@Tang ~]# vim /etc/pam.d/remote
# 查看修改过后的文件
[root@Tang ~]# cat /etc/pam.d/remote
#%PAM-1.0
#auth required pam_securetty.so
auth substack password-auth
auth include postlogin
account required pam_nologin.so
account include password-auth
password include password-auth
# pam_selinux.so close should be the first session rule
session required pam_selinux.so close
session required pam_loginuid.so
# pam_selinux.so open should only be followed by sessions to be executed in the user context
session required pam_selinux.so open
session required pam_namespace.so
session optional pam_keyinit.so force revoke
session include password-auth
session include postlogin
2.3 telnet 自测成功
[root@Tang ~]# telnet localhost
Trying ::1...
Connected to localhost.
Escape character is '^]'.
Kernel 3.10.0-957.el7.x86_64 on an x86_64
Tang login: root
Password:
Last failed login: Sun May 17 22:11:20 CST 2020 from localhost on pts/2
There was 1 failed login attempt since the last successful login.
Last login: Sun May 17 21:48:39 from bogon
[root@Tang ~]# w
22:16:24 up 31 min, 4 users, load average: 0.00, 0.01, 0.04
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
root tty1 21:45 27:36 0.10s 0.10s -bash
root pts/0 bogon 21:47 27:52 0.00s 0.00s -bash
root pts/1 bogon 21:48 0.00s 0.03s 0.00s telnet localhost
root pts/2 localhost 22:16 0.00s 0.00s 0.00s w
[root@Tang ~]# who
root tty1 2020-05-17 21:45
root pts/0 2020-05-17 21:47 (bogon)
root pts/1 2020-05-17 21:48 (bogon)
root pts/2 2020-05-17 22:16 (localhost)
3、telnet 端口号修改
3.1 修改 telnet.socket 文件
root@Tang ~]# cat /usr/lib/systemd/system/telnet.socket
[Unit]
Description=Telnet Server Activation Socket
Documentation=man:telnetd(8)
[Socket]
ListenStream=23
Accept=true
[Install]
WantedBy=sockets.target
[root@Tang ~]# vim /usr/lib/systemd/system/telnet.socket
[root@Tang ~]# cat /usr/lib/systemd/system/telnet.socket
[Unit]
Description=Telnet Server Activation Socket
Documentation=man:telnetd(8)
[Socket]
ListenStream=9999
Accept=true
[Install]
WantedBy=sockets.target
[root@Tang ~]# systemctl restart telnet.socket
Warning: telnet.socket changed on disk. Run 'systemctl daemon-reload' to reload units.
[root@Tang ~]# systemctl daemon-reload
[root@Tang ~]# ss -tnl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 :::9999 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
3.2 修改 /etc/services 中的默认端口
[root@Tang ~]# cat /etc/services | grep ^telnet
telnet 23/tcp
telnet 23/udp
telnets 992/tcp
telnets 992/udp
telnetcpcd 3696/tcp # Telnet Com Port Control
telnetcpcd 3696/udp # Telnet Com Port Control
3.3 修改 /etc/xinetd.conf 文件
# 增加如下内容
# Defining Telnet
service telnet
{
port 9090 #9090:请用自己的端口号代替
}