Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
After upgrading to RedHat 8.0 I can't get the Linux box configured to allow incoming Telnet. (It's on a LAN without Internet connection so I don't need SSH).
/etc/hosts holds a list of all PC's that should be allowed to log in.
I try to change the Security Level thru the Gnome Desktop, but every time I make changes (from Standard Firewall Rules' to 'Thrust eth0' and 'Allow Incoming Telnet' and OK them, it comes back to 'Standard Firewall Rules'.
Also check your /etc/xinetd.conf file. This enables and disables services on your box. In this file look for the service called telnet and see if there is a disable make sure that it = no this will enable the service. Also check in your /etc/services file ans check that telnet has got no hash in front of it.
I'm now able to telnet into the main Linux box from my computers connected to the network (Windows & Linux).
However I can only login as a regular user, when I try to login as root, I get 'login incorrect', followed by a new login prompt. On Linux 5.0 I was able to do that.
Why did I manually have to edit /etc/xinet.d/telnet ? I would assume setting the Firewall options with lokkit should do the same but that doesn't seem to accept the changes....
Well the reason u may not login as root is because buy default the newer versions of linux will not allow this, it]s just safer than before. To get arround this first login as a normal user then su - input the password and u will be login as super user which is = root, just to be sure look at you prompt it should have # and not a $ sign in front.
The reason lokkit does nothing is because the service is disabled buy default in the file mentioned above. This is another security feature built into linux.
If you care at all for security avoid using telnet. Telent is PLAINTEXT submission and it does affect your system's security. I suggest SSH with public key authentification...
yea man, im surprised it took 5 replys before someone even told you not to use telent (even more surprisingly is that this is the SECURITY FORUM) but n-e way DON'T USE TELNET EVER.
use ssh, and on the windows boxes, use putty to loging, putty is a free ssh client for windows machines.
scroll to the bottom and download putty.exe, install it on the desktop or something, there is no installation process for putty, the putty.exe is the entire program itself.
again DO NOT USE TELNET (especially so if u are trying to login as root)
i dont even allow root to login over ssh, root musted be sued to on my machine.
If you *really* want to use telnet, still, and you *really* want to allow root login from a remote location (both of these are discouraged, the latter even more so than the former), you need to either add the proper devices to the /etc/securetty file or remove/rename the aforementioned file so it is never even read.
I'm not recommending this, but it *is* the answer to your second question.
Do a Web search on "Tera Term Pro" and download it along with the SSH add-in. I prefer it to Putty, myself.
I enabled telnet now because I need to get things going. I'll switch to ssh in due course because I want to connect to the Internet so I can remotely log in.
by the way what things that you it going ny enabling the telnet?
i am agree with robert, use SSh, a free ssh client for windows machine.
like he say i wont let root log in into my server, i will su to root when i am on the machine.
REMEMBER DO NOT USING TELNET IF YOU WANT TO KEEP YOUR SERVER HEALTHY AND CLEAN OR SOMEDAY YOU WILL FIND THAT IN YOUR /var/log/messages HAVING A LOT OF CONNECTION FROM UNKNOWN USERS.
What I meant is that the LAN on which telnet is running isn't connected to the internet. I plan to do so in the future and will switch to ssh before doing so.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.