Linux - Networking: This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
I read a few threads concerning telnet, SSH, Firewall. But to my
newbie brain, they aren't complete. Therefore, another thread.
What I am trying to do:
Access my machine remotely, both from shell (Telnet, SSH), and
from VNC.
So far:
Installed RH73. By mistake, I chose to use firewall which was not
necessary as both of my machines are behind main router/firewall.
While in the setup, I chose most of services like ftp, telnet, ssh.
Also installed VNC server.
Once, the machine was up, I tried to telnet, or use VNC. None of
them works. I see that VNC server is running (ps -aux), but am
not sure if telnet daemon is running.
Now:
1. How to make sure telnet, ssh daemons are running?
2. What're the major config files concerning networking?
3. How to manually reconfigure firewall (ipchains?), or even uninstall it?
4. How do I run vnc server (or any other app) at start up?
5. If telnet/ssh are not running, how to configure them to run at start up?
6. While in the setup, I chose ftp/telnet services. Does it mean that these services are *only* installed, but not configured to start at boot?
Well, I don't know all the answers but I know some...
1. Telnet will not work because it is disabled by default. Go into
/etc/xinetd.d/telnet
and change 'disable' to 'disable = no'. You can refresh xinetd or
reboot to have it take effect.
2. On files the list is a bit short:
/etc/services defines which apps use which ports
/etc/xinetd.conf houses the short config for xinetd
/etc/resolv.conf houses the DNS config
Mainly to use static IP you want to use the route and ifconfig commands.
If you want to use DHCP and have a DHCP server on your network use
'dhcpcd eth#' to get it set up.
3. You can manually configure the firewall using the HOWTO's out on the
net, or you can use lokkit from the base RH install or download Firestarter,
which is a really superior product, for free and use the GUI.
4. To add an app at startup you need to add a line to /etc/inittab.
Check out the documentation on that file.
5. Via #1 telnet will now start at startup when xinetd starts.
6. Not sure what you mean here, but wu-ftp is included in xinetd so
you can enable it in /etc/xinetd.d/wu-ftpd
Thanks John for the replies. However, some of my problems still
persists.
There was no /etc/xinetd.d/telnet file. So, I created one. And added
the structure telnet.... and disable = no. Restarted xinetd, but to no
effect. I still get the error 'connection refused'. so not sure what to do.
That's strange that you wouldn't have one since you are using a default
install of RH7.3? But, here are my contents:
service telnet
{
        flags           = REUSE
        socket_type     = stream
        wait            = no
        user            = root
        server          = /usr/sbin/in.telnetd
        log_on_failure  += USERID
        disable         = no
}
Well, you need to check here that some in.telnetd exists or that it is a link
to a real file. If telnetd doesn't exist in /usr/sbin then I'd have to say that it isn't
installed, and that's why it won't run via xinetd.
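The checks discussed in the posts above (does the service file exist, is `disable` set to `no`, does the `server` binary exist) can be scripted. This is an added example, not code from the thread; the function names are made up for illustration and the sample files are constructed, with `/bin/sh` standing in for a server binary that exists.

```shell
#!/bin/sh
# Added example, not from the thread: audit xinetd service files.

# xinetd_attr FILE NAME -> last value assigned to NAME (comment lines ignored)
xinetd_attr() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*\([^[:space:]#]*\).*/\1/p" "$1" |
        tail -n 1
}

# check_xinetd_service FILE
#   -> no-file | disabled | no-server-line | server-missing | enabled
check_xinetd_service() {
    [ -r "$1" ] || { echo "no-file"; return 0; }
    disable=$(xinetd_attr "$1" disable)
    server=$(xinetd_attr "$1" server)
    if [ "$disable" = "yes" ]; then echo "disabled"
    elif [ -z "$server" ]; then echo "no-server-line"
    elif [ ! -f "$server" ] || [ ! -x "$server" ]; then echo "server-missing"
    else echo "enabled"
    fi
}

# audit_xinetd_dir DIR -> one "service: status" line per file in DIR.
# An enabled telnet service is flagged: its logins cross the network unencrypted.
audit_xinetd_dir() {
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        status=$(check_xinetd_service "$f")
        name=$(sed -n 's/^[[:space:]]*service[[:space:]]\{1,\}\([^[:space:]]*\).*/\1/p' "$f" |
            head -n 1)
        [ -n "$name" ] || name=$(basename "$f")
        if [ "$status" = "enabled" ] && [ "$name" = "telnet" ]; then
            status="enabled (cleartext logins)"
        fi
        echo "$name: $status"
    done
}

# Demo on constructed files; the ftp entry points at a binary that does not exist.
demo=$(mktemp -d)
printf 'service telnet\n{\n\tserver = /bin/sh\n\tdisable = no\n}\n' > "$demo/telnet"
printf 'service ftp\n{\n\tserver = %s/in.ftpd\n\tdisable = no\n}\n' "$demo" > "$demo/wu-ftpd"
audit_xinetd_dir "$demo"
rm -rf "$demo"
```

On a real host, run `audit_xinetd_dir /etc/xinetd.d` and reload xinetd after changing any file.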
Why use telnet anyway... it's not secure as far as what I'm told... just google for a program called putty and SSH into the RH box. Should work the same or even better.
I tried putty too, and it didn't work either. On both telnet and ssh
login attempts, I get an error message saying that the connection
was refused.
I am beginning to believe it's more of a firewall problem than the
telnet/ssh issue.
Well, even after I set the firewall security level to zero
the machine still refuses to accept connection.
Folks,
I am desperate to get either Telnet or SSH to work on my RH box
soon.
On the current setup, the KDE control panel says that Telnet is
installed and is *checked* to indicate that it is enabled as a
daemon. However, ps -aux | grep telnet doesn't show any
signs of telnetd working, neither can I log in remotely.
I have disabled firewall, so it can be ruled out as a culprit. I also
see the /usr/sbin/in.telnetd and can run it *only* in debug mode
and be able to log in only locally. Beyond that, I am not able to
make much of a progress. If I were to install Telnet again, what
would I have to do? What config files should I modify to start
it as a daemon. And above all, how do I debug and see why
it's not starting?
Any help will be certainly appreciated.
Thanks,
PS: Did anyone attend the Linux Expo conf in San Francisco?
So, you say you are behind a main firewall/router...
Is that set up ok to redirect connections to your Linux box?
A point to note too...
Your firewall is NEVER turned off. Netfilter is on because you requested a firewall during install.
All the chains have been reset to ACCEPT and cleared of rules.
So, add this line from a console
iptables -t nat -A PREROUTING -p tcp -j LOG --log-prefix "incoming_tcp " --log-level 6
then,
tail -f /var/log/messages
and look for log entries from connection requests.
See if the packets are getting to your pc.
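Reading the entries that the LOG rule above produces is easier with a summary. This is an added example, not code from the thread: the function names are illustrative, and the sample log lines are constructed and abbreviated (real entries carry more fields, such as MAC= and WINDOW=).

```shell
#!/bin/sh
# Added example, not from the thread: summarise netfilter LOG entries that
# carry the "incoming_tcp " prefix set by the rule in the post above.

# summarize_incoming FILE -> "COUNT SRC -> DPT" lines, busiest first.
summarize_incoming() {
    awk '/incoming_tcp / {
             src = ""; dpt = ""
             for (i = 1; i <= NF; i++) {
                 if ($i ~ /^SRC=/) src = substr($i, 5)
                 if ($i ~ /^DPT=/) dpt = substr($i, 5)
             }
             if (src != "" && dpt != "") n[src " -> " dpt]++
         }
         END { for (k in n) print n[k], k }' "$1" | sort -k1,1nr -k2
}

# dport_hits FILE PORT -> number of logged connection attempts to PORT.
dport_hits() {
    awk -v want="DPT=$2" '/incoming_tcp / {
             for (i = 1; i <= NF; i++) if ($i == want) c++
         }
         END { print c + 0 }' "$1"
}

# diagnose FILE PORT -> where to look next, following the reasoning in the thread.
diagnose() {
    if [ "$(dport_hits "$1" "$2")" -gt 0 ]; then
        echo "packets reach this host: check the service and local firewall rules"
    else
        echo "no packets logged: check the upstream router/firewall"
    fi
}

# Constructed, abbreviated sample of /var/log/messages.
log=$(mktemp)
cat > "$log" <<'EOF'
Aug 20 10:00:01 rhbox kernel: incoming_tcp IN=eth0 OUT= SRC=192.168.1.10 DST=192.168.1.20 LEN=60 TTL=64 PROTO=TCP SPT=1025 DPT=23 SYN URGP=0
Aug 20 10:00:09 rhbox kernel: incoming_tcp IN=eth0 OUT= SRC=192.168.1.10 DST=192.168.1.20 LEN=60 TTL=64 PROTO=TCP SPT=1026 DPT=23 SYN URGP=0
Aug 20 10:00:15 rhbox kernel: incoming_tcp IN=eth0 OUT= SRC=192.168.1.10 DST=192.168.1.20 LEN=60 TTL=64 PROTO=TCP SPT=1027 DPT=22 SYN URGP=0
EOF
summarize_incoming "$log"
diagnose "$log" 23
rm -f "$log"
```

Once the question is answered, delete the logging rule by repeating the same command with `-D` in place of `-A`, so the rule does not keep filling /var/log/messages.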
I agree with Peter on this, but I don't trust the text files. I recommend installing Firestarter
(http://firestarter.sourceforge.net/). I have done some work with the files and find them a bit
cryptic at best. Firestarter allows you to open a GUI and see dynamically which requests
are being denied and enable them on the fly if you wish. It was truly an invaluable tool
when I was setting up IP masquerade. Just my 2 cents =)
Thanks Peter, John.
I executed the lines as told by Peter and saw that the remote
machine was actually trying to connect at telnet port.
Downloaded and installed the firestarter, and realized that there
was some problem with my firewall setup. Firestarter is great.
telnet is present in /etc/services and mapped to port 23
struct telnet is in /etc/xinetd.d/telnet which is included in the
/etc/xinetd.conf file. And the server in this conf file is mapped
to /usr/sbin/in.telnetd.
I actually replaced the in.telnetd with my own shell script to see
if it gets executed (for debugging purposes) on a telnet connection
request. It was not executed, to my surprise. Any idea why it
wasn't?
It's another access control attempt, which takes the load off xinetd.
in.telnetd is called, and this SHOULD call the original telnet daemon if the connection request passes the access rules.
Now,
I must ask why telnet? Passing clear text logons and passwords around the Internet?
ssh I strongly recommend. It's a standalone secure server. Much more built in control too.
Thanks Peter,
Yeah, I was able to run the Telnet. Telnet is not my choice of
remote server, but since I am still a newbie I am just experimenting.
Now that Telnet is working, I want to concentrate a little bit on ssh
too.
What do I have to do to run ssh server?
Install the openSSH-3.4p1.xxx.rpm and its companions.
If you have registered with RH, just 'up2date -i openssh' and sit back. Otherwise the tar.gz from http://www.openssh.org if you are bold.
It will authenticate existing Linux users.