Home > Article > Operation and Maintenance > Detailed explanation of the solution to the failure of telnet to RedHat Linux
Detailed explanation of the solution to the failure of telnet to RedHat Linux
- 黄舟Original
- 2017-06-05 10:10:002065browse
Reason for failure:
1. The telnet package is not installed, check whether the telnet package is installed:
[root@vm-rhel root]# rpm -qa telnet telnet-0.17-25
means it is installed
2. The telnet package has been installed, but telnet-server has not been installed. Check whether the telnet-server package is installed:
[root@vm-rhel root]# rpm -qa telnet-server telnet-server-0.17-25
means it has been installed
3.telnetConfiguration fileQuestion:
[root@vm-rhel root]# cat /etc/xinetd.d/telnet
# default: on
# description: The telnet server serves telnet sessions; it uses \
# unencrypted username/password pairs for authentication.
service telnet
{
flags = REUSE
socket_type = stream
wait = no
user = root
server = /usr/sbin/in.telnetd
log_on_failure += USERID
disable = yes
}Change the value corresponding to disable to no or Comment this line and restart the xinetd daemon process: service xinetd restart.
4.Linux Firewall reason, check the firewall status:
[root@vm-rhel root]# service iptables status Table: filter Chain INPUT (policy ACCEPT) target prot opt source destination RH-Lokkit-0-50-INPUT all -- anywhere anywhere Chain FORWARD (policy ACCEPT) target prot opt source destination RH-Lokkit-0-50-INPUT all -- anywhere anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain RH-Lokkit-0-50-INPUT (2 references) target prot opt source destination ACCEPT udp -- 192.168.1.1 anywhere udp spt:domain dpts:1025:65535 ACCEPT tcp -- anywhere anywhere tcp dpt:smtp flags:SYN,RST,ACK/SYN ACCEPT tcp -- anywhere anywhere tcp dpt:http flags:SYN,RST,ACK/SYN ACCEPT tcp -- anywhere anywhere tcp dpt:ftp flags:SYN,RST,ACK/SYN ACCEPT tcp -- anywhere anywhere tcp dpt:ssh flags:SYN,RST,ACK/SYN ACCEPT tcp -- anywhere anywhere tcp dpt:telnet flags:SYN,RST,ACK/SYN ACCEPT udp -- anywhere anywhere udp spts:bootps:bootpc dpts:bootps:bootpc ACCEPT udp -- anywhere anywhere udp spts:bootps:bootpc dpts:bootps:bootpc ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere REJECT tcp -- anywhere anywhere tcp dpts:0:1023 flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable REJECT tcp -- anywhere anywhere tcp dpt:nfs flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable REJECT udp -- anywhere anywhere udp dpts:0:1023 reject-with icmp-port-unreachable REJECT udp -- anywhere anywhere udp dpt:nfs reject-with icmp-port-unreachable REJECT tcp -- anywhere anywhere tcp dpts:x11:6009 flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable REJECT tcp -- anywhere anywhere tcp dpt:xfs flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable
means it is not closed. If the firewall is closed, there is no need to open the /etc Add to the /sysconfig/iptables configuration file: -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 23 --syn -j ACCEPT.
Close the firewall: service iptables stop (Invalid after restart: the firewall starts automatically at boot)
Start the firewall: service iptables start
Restart the firewall: service iptables restart
Disable the firewall from automatically starting at boot: chkconfig iptables off
5. By default, Linux does not allow the root user to log in to the Linux host through telnet. If you want to allow the root user to log in, The following 3 methods can be used:
(1) Modify the /etc/pam.d/login configuration file
RedHat Linux’s restrictions on remote login In the /etc/pam.d/login file, just comment the restriction content.
[root@vm-rhel root]# cat /etc/pam.d/login#%PAM-1.0auth required pam_securetty.so auth required pam_stack.so service=system-auth #auth required pam_nologin.so account required pam_stack.so service=system-auth password required pam_stack.so service=system-auth session required pam_stack.so service=system-auth session optional pam_console.so
(2) Remove the /etc/securetty folder
Verification rules are set in the /etc/securetty file, which defines that the root user can only Record on the terminal of tty1-tty6, Delete or rename the file to avoid the verification rules and enable the root user to remotely log in to the Linux host through telnet.
[root@vm-rhel root]# mv /etc/securetty /etc/securetty.bak
(3) First log in as a normal user, and then switch to the root user
[bboss@vm-rhel bboss]$ su root Password: [root@vm-rhel bboss]#
The above is the detailed content of Detailed explanation of the solution to the failure of telnet to RedHat Linux. For more information, please follow other related articles on the PHP Chinese website!