Home > Operation and Maintenance > Linux Operation and Maintenance > Reasons and solutions for failure of telnet to RedHat Linux

Reasons and solutions for failure of telnet to RedHat Linux

PHP中文网
Release: 2017-06-20 09:35:16
Original
2398 people have browsed it

Reason for failure:

1. The telnet package is not installed. Check whether the telnet package is installed:

[root@vm-rhel root]# rpm -qa telnet
 telnet-0.17-25
Copy after login

means it is installed

2. The telnet package has been installed, but telnet-server has not been installed. Check whether the telnet-server package is installed:

[root@vm-rhel root]# rpm -qa telnet-server
 telnet-server-0.17-25
Copy after login

means it has been installed

3.telnet configuration File problem:

[root@vm-rhel root]# cat /etc/xinetd.d/telnet
# default: on
# description: The telnet server serves telnet sessions; it uses \
#    unencrypted username/password pairs for authentication.
service telnet
{
    flags        = REUSE
    socket_type    = stream        
    wait        = no
    user        = root
    server        = /usr/sbin/in.telnetd
    log_on_failure    += USERID
    disable        = yes 
}
Copy after login

Change the value corresponding to disable to no or comment the line and restart the xinetd daemon: service xinetd restart.

4.Linux firewall reason, check the firewall status:

<br>
Copy after login
Copy after login
Copy after login
Copy after login

[root@vm-rhel root]# service iptables status<br>Table: filter<br>Chain INPUT ( policy ACCEPT)<br>target prot opt ​​source destination <br>RH-Lokkit-0-50-INPUT all -- anywhere anywhere

<br>
Copy after login
Copy after login
Copy after login
Copy after login

Chain FORWARD (policy ACCEPT)<br>target prot opt ​​source destination <br>RH-Lokkit-0-50-INPUT all -- anywhere anywhere

<br>
Copy after login
Copy after login
Copy after login
Copy after login

Chain OUTPUT (policy ACCEPT)<br>target prot opt ​​source destination

<br>
Copy after login
Copy after login
Copy after login
Copy after login

Chain RH-Lokkit-0 -50-INPUT (2 references)<br>target prot opt ​​source destination <br>ACCEPT udp -- 192.168.1.1 anywhere udp spt:domain dpts:1025:65535 <br>ACCEPT tcp -- anywhere anywhere tcp dpt:smtp flags :SYN,RST,ACK/SYN <br>ACCEPT tcp -- anywhere anywhere tcp dpt:http flags:SYN,RST,ACK/SYN <br>ACCEPT tcp -- anywhere anywhere tcp dpt:ftp flags:SYN,RST,ACK /SYN <br>ACCEPT tcp -- anywhere anywhere tcp dpt:ssh flags:SYN,RST,ACK/SYN <br>ACCEPT tcp -- anywhere anywhere tcp dpt:telnet flags:SYN,RST,ACK/SYN <br>ACCEPT udp -- anywhere anywhere udp spts:bootps:bootpc dpts:bootps:bootpc <br>ACCEPT udp -- anywhere anywhere udp spts:bootps:bootpc dpts:bootps:bootpc <br>ACCEPT all -- anywhere anywhere <br>ACCEPT all -- anywhere anywhere <br>REJECT tcp -- anywhere anywhere tcp dpts:0:1023 flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable <br>REJECT tcp -- anywhere anywhere tcp dpt:nfs flags :SYN,RST,ACK/SYN reject-with icmp-port-unreachable <br>REJECT udp -- anywhere anywhere udp dpts:0:1023 reject-with icmp-port-unreachable <br>REJECT udp -- anywhere anywhere udp dpt :nfs reject-with icmp-port-unreachable <br>REJECT tcp -- anywhere anywhere tcp dpts:x11:6009 flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable <br>REJECT tcp -- anywhere anywhere tcp dpt:xfs flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable

means it is not closed. If the firewall is closed, there is no need to configure /etc/sysconfig/iptables Add to the configuration file: -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 23 --syn -j ACCEPT.

Close the firewall: service iptables stop (invalid after restart: the firewall starts automatically at boot)

Start the firewall: service iptables start

Restart the firewall: service iptables restart

Disable the firewall from automatically starting at boot: chkconfig iptables off

5. By default, Linux does not allow the root user to log in to the Linux host through telnet. If you want to allow the root user to log in, you can use the following 3 methods:

(1) Modify the /etc/pam.d/login configuration file

RedHat Linux’s restrictions on remote login are reflected in the /etc/pam.d/login file. Just comment out the restrictions.

[root@vm-rhel root]# cat /etc/pam.d/login#%PAM-1.0auth       required    pam_securetty.so
auth       required    pam_stack.so service=system-auth
#auth       required    pam_nologin.so
account    required    pam_stack.so service=system-auth
password   required    pam_stack.so service=system-auth
session    required    pam_stack.so service=system-auth
session    optional    pam_console.so
Copy after login

(2) Remove the /etc/securetty folder

The verification rules are set in the /etc/securetty file, which defines that the root user can only Recorded on the terminal of tty1-tty6, deleting the file or renaming it can avoid the verification rules and enable the root user to remotely log in to the Linux host through telnet.

[root@vm-rhel root]# mv /etc/securetty /etc/securetty.bak
Copy after login

(3) First log in as a normal user, and then switch to the root user

[bboss@vm-rhel bboss]$ su root
Password: 
[root@vm-rhel bboss]#
Copy after login

The above is the detailed content of Reasons and solutions for failure of telnet to RedHat Linux. For more information, please follow other related articles on the PHP Chinese website!

Related labels:
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Latest Articles by Author
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template