Telnet "Connection closed by foreign host"

jhilton · 06-25-2008, 02:38 PM

Hello, I acidentally posted this in the newbie forums and then saw there was a networking forum!

I'm having problems trying to get my linux machine to accept telnet connections from any other type of machine. Whenever I try to telnet from a solaris or linux machine to the linux host machine I get a, "Connection closed by foreign host" and it returns me back to the terminal. I can Telnet/rsh/rlogin from any of the linux machines into the solaris box but the reverse can not be achieved.

On the linux machine this problem is easily solved by just using SSH, however I am unable to use SSH on the Solaris as the SSH client is not installed. On the Linux host I have telnet set to enable in my /etc/xinit.d directory and I even do a /etc/init.d/xinitd restart. xinitd is running as I can pull it out of top using grep. Any ideas as to why telnet is refusing connections?

lazlow · 06-25-2008, 03:00 PM

Have you checked you /etc/hosts.allow?

jhilton · 06-25-2008, 03:10 PM

In etc/hosts.allow I have "ALL : ALL : ALLOW" on the linux machines. And both .rhosts and hosts.equiv have "+ +".

At this moment I've given up on all security I can achieve between these machines in order to get this networking thing to work. Once I can figure out how to get it to work, then I can start messing around and tweaking them the way I need them to work.

lazlow · 06-25-2008, 03:43 PM

Are you trying to telnet in as root or as a user? I seem to remember there is an extra setting (somewhere) about allowing remote root.

Mr. C. · 06-25-2008, 06:06 PM

And what about your /etc/hosts.deny ?
Are you running SELINUX?

rhosts and hosts.equiv are not relevant to telnet.

jhilton · 06-25-2008, 06:23 PM

Hmmm... I have no idea if it is or not. The "linux" machines right now are running off customized Gentoo live cds with various programs to help back up partition images on other systems. But after doing some searching, I can assume that they are.

There was no /etc/hosts.deny file. I figure that since it did not exist I did not have to create it like I did for /etc/hosts.allow

I Just got home so I won't be able to do much more but get ideas until I get back tomorrow.

Mr. C. · 06-25-2008, 06:30 PM

On the linux machine that cannot be connected to via telnet, run:

telnet localhost

add show what happens.

jhilton · 06-26-2008, 07:34 AM

Trying to telnet into machine that can not be telnet into I get...

Trying 127.0.0.1...
Connected to localhost
Escape character is '^]'.
Connection closed by foreign host.

jlm01801 · 06-26-2008, 10:35 AM

sounds like maybe the telnet server is not running.
to check run netstat -an |grep 23
you should see something like...
tcp 0 0 0.0.0.0:23 0.0.0.0:* LISTEN
...port 23 being the telnet port
if you don't see it make sure you have it installed. if installed check your logs for xinetd errors concerning telnet.

jhilton · 06-26-2008, 10:55 AM

I ran -an | grep 23 and I see

tcp 0 0.0.0.0:23 0.0.0.0:* LISTEN

So did less /var/log/messages | grep telnet and I got

Jun 26 15:41:01 sysresccd xinetd[8673]: Reading included configuration file: /etc/xinetd.d/telnetd [file=/etc/xinetd.d/telnetd] [line=68]
Jun 26 15:43:53 sysresccd xinetd[8743]: Reading included configuration file: /etc/xinetd.d/telnetd [file=/etc/xinetd.d/telnetd] [line=68]
Jun 26 15:45:46 sysresccd xinetd[8743]: START: telnet pid=8774 from=127.0.0.1
Jun 26 15:45:46 sysresccd xinetd[8774]: FAIL: telnet address from=127.0.0.1
Jun 26 15:45:46 sysresccd xinetd[8743]: EXIT: telnet status=0 pid=8774 duation=0(sec)

jlm01801 · 06-26-2008, 11:07 AM

check /var/log/secure for telnet/xinetd messages
check iptables -L for firewall rule preventing telnet

jhilton · 06-26-2008, 11:38 AM

There is no /var/log/secure

I did a find / -name 'secure' 2>results

and there was no lines written to "results"

I ran iptables -L and I got this for output

Chain PREROUTING (policy ACCEPT)
target prot opt source destination

Chain POSTROUTING (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

I have no idea what any of this means, but I'm reading the man page right now trying to understand it.

Mr. C. · 06-26-2008, 11:47 AM

Quote:

Originally Posted by jlm01801

sounds like maybe the telnet server is not running.

No, telnet is running. Telnet output the messages:

Code:

Connected to localhost
Escape character is '^]'.

The disconnect happens after this, and is due to a security configuration somewhere dropping the connection.

See if you have an /var/log/authpriv.

Disable telnet via xinetd. Restart xinetd.

Then, start telnetd manually on the command line, using the -debug option, and various -D options for debugging. See man telnetd on the options available for your telnetd for -D. Then make your connection and see what happens.

jhilton · 06-26-2008, 12:15 PM

Quote:

Originally Posted by Mr. C.

See if you have an /var/log/authpriv.

Disable telnet via xinetd. Restart xinetd.

Then, start telnetd manually on the command line, using the -debug option, and various -D options for debugging. See man telnetd on the options available for your telnetd for -D. Then make your connection and see what happens.

I do not have /var/log/authpriv.

I'm trying to start in.telnetd -D report (just as an example, I've tried all the options and get the same following result)

in.telnetd: getpeername: Socket operation on non-socket

Am I forgetting a flag or is this not what I want to run?

Mr. C. · 06-26-2008, 12:29 PM

Please show the output of :

telnetd --help

I'm not sure which options your telnet supports.

You are starting telnet as root, right ?