服务管理——telnet
服务管理——telnet
服务管理——telnet
一 telnet服务端和客户端
什么是Telnet?
Telnet协议是TCP/IP协议族中的一员,是Internet远程登陆服务的标准协议和主要方式。它为用户提供了在本地计算机上完成远程主机工作的能力。在终端使用者的电脑上使用telnet程序,用它连接到服务器。终端使用者可以在telnet程序中输入命令,这些命令会在服务器上运行,就像直接在服务器的控制台上输入一样。可以在本地就能控制服务器。要开始一个telnet会话,必须输入用户名和密码来登录服务器。Telnet是常用的远程控制Web服务器的方法。
[plain]
#Server01:安装telnet服务端
[root@serv01 xinetd.d]# yum installtelnet-server* -y
#开启服务
[root@serv01 xinetd.d]# chkconfig telnet on
#重启xinetd服务
[root@serv01 xinetd.d]# /etc/init.d/xinetdrestart
Stopping xinetd: [ OK ]
Starting xinetd: [ OK ]
#再次查看网络状态
[root@serv01 xinetd.d]# netstat -langput |grep "telnet"
tcp 0 0 192.168.1.11:23 192.168.1.12:57169 ESTABLISHED 2488/in.telnetd: 19
[root@serv01 xinetd.d]# netstat -langput |grep "xin"
tcp 0 0 :::22 :::* LISTEN 2486/xinetd
tcp 0 0 :::23 :::* LISTEN 2486/xinetd
#Server02:安装telnet客户端
[root@serv02 .ssh]# yum install telnet -y
#客户端通过telnet远程连接登录,注意一定要使用普通用户
[root@serv02 .ssh]# telnet 192.168.1.11
Trying 192.168.1.11...
Connected to 192.168.1.11.
Escape character is '^]'.
Red Hat Enterprise Linux Server release 6.1(Santiago)
Kernel 2.6.32-131.0.15.el6.x86_64 on anx86_64
login: hongyi
Password:
Last login: Tue Aug 6 19:44:31 from 192.168.1.1
[hongyi@serv01 ~]$
二 telnet的特性
[plain]
#明文传输,不允许root登录
#telnet是明文传输,不允许root登录
#我们往往使用普通用户登录,然后su -切换到root用户。
[root@serv02 .ssh]# telnet 192.168.1.11
Trying 192.168.1.11...
Connected to 192.168.1.11.
Escape character is '^]'.
Red Hat Enterprise Linux Server release 6.1(Santiago)
Kernel 2.6.32-131.0.15.el6.x86_64 on anx86_64
login: root
Password:
Login incorrect
[root@serv01 xinetd.d]# pwd
/etc/xinetd.d
[root@serv01 xinetd.d]# cat telnet
# default: on
# description: The telnet server servestelnet sessions; it uses \
# unencryptedusername/password pairs for authentication.
service telnet
{
disable = no
flags = REUSE
socket_type = stream
wait = no
user = root
server = /usr/sbin/in.telnetd
log_on_failure += USERID
}
#service ssh:名字必须唯一,不要重复
三 telnet只允许某个IP或者某个网段访问(only_from)
[plain]
#编辑文件,只允许192.168.1.12访问
[root@serv01 xinetd.d]# vim telnet
[root@serv01 xinetd.d]# cat telnet
# default: on
# description: The telnet server servestelnet sessions; it uses \
# unencryptedusername/password pairs for authentication.
service telnet
{
disable = no
flags = REUSE
socket_type = stream
wait = no
user = root
server = /usr/sbin/in.telnetd
log_on_failure += USERID
only_from = 192.168.1.12
}
#重启服务
[root@serv01 xinetd.d]# /etc/init.d/xinetd restart
Stopping xinetd: [ OK ]
Starting xinetd: [ OK ]
#serv02可以正常访问
[root@serv02 .ssh]# telnet 192.168.1.11
Trying 192.168.1.11...
Connected to 192.168.1.11.
Escape character is '^]'.
Red Hat Enterprise Linux Server release 6.1(Santiago)
Kernel 2.6.32-131.0.15.el6.x86_64 on anx86_64
login: hongyi
Password:
Last login: Tue Aug 6 23:20:57 from 192.168.1.12
[hongyi@serv01 ~]$ exit
ogout
Connection closed by foreign host.
[root@serv02 .ssh]#
#serv02不可以正常访问
[root@serv03 .ssh]# yum install telnet -y
[root@serv03 .ssh]# telnet 192.168.1.11
Trying 192.168.1.11...
Connected to 192.168.1.11.
Escape character is '^]'.
Connection closed by foreign host.
192.168.1.0/24 172.16.1.0/24
192.168.1.0/255.255.255.0 X
access_times = 8:30-17:00
四 telnet不允许某个IP或者某个网段访问(no_access)
[plain]
#no_access
[root@serv01 xinetd.d]# vim telnet
[root@serv01 xinetd.d]# cat telnet
# default: on
# description: The telnet server servestelnet sessions; it uses \
# unencryptedusername/password pairs for authentication.
service telnet
{
disable = no
flags = REUSE
socket_type = stream
wait = no
user = root
server = /usr/sbin/in.telnetd
log_on_failure += USERID
no_access = 192.168.1.12
}
[root@serv01 xinetd.d]# /etc/init.d/xinetdrestart
Stopping xinetd: [ OK ]
Starting xinetd: [ OK ]
[root@serv02 .ssh]# telnet 192.168.1.11
Trying 192.168.1.11...
Connected to 192.168.1.11.
Escape character is '^]'.
Connection closed by foreign host.
[root@serv03 .ssh]# telnet 192.168.1.11
Trying 192.168.1.11...
Connected to 192.168.1.11.
Escape character is '^]'.
Red Hat Enterprise Linux Server release 6.1(Santiago)
Kernel 2.6.32-131.0.15.el6.x86_64 on anx86_64
login: hongyi
Password:
Last login: Tue Aug 6 23:41:22 from 192.168.1.12
[hongyi@serv01 ~]$
#网段
[root@serv01 xinetd.d]# vim telnet
[root@serv01 xinetd.d]# cat telnet
# default: on
# description: The telnet server servestelnet sessions; it uses \
# unencryptedusername/password pairs for authentication.
service telnet
{
disable = no
flags = REUSE
socket_type = stream
wait = no
user = root
server = /usr/sbin/in.telnetd
log_on_failure += USERID
only_from = 192.168.1.0/24
}
[root@serv01 xinetd.d]# /etc/init.d/xinetdrestart
Stopping xinetd: [ OK ]
Starting xinetd: [ OK ]
[root@serv02 .ssh]# telnet 192.168.1.11
Trying 192.168.1.11...
Connected to 192.168.1.11.
Escape character is '^]'.
Red Hat Enterprise Linux Server release 6.1(Santiago)
Kernel 2.6.32-131.0.15.el6.x86_64 on anx86_64
login: hongyi
Password:
Last login: Tue Aug 6 23:46:23 from 192.168.1.13
[hongyi@serv01 ~]$
[root@serv03 .ssh]# telnet 192.168.1.11
Trying 192.168.1.11...
Connected to 192.168.1.11.
Escape character is '^]'.
Red Hat Enterprise Linux Server release 6.1(Santiago)
Kernel 2.6.32-131.0.15.el6.x86_64 on anx86_64
login: hongyi
Password:
Last login: Tue Aug 6 23:48:15 from 192.168.1.12
[hongyi@serv01 ~]$
五 telnet允许或者禁止在某个时间段访问(access_times、deny_time)
[plain]
#telnet允许或者禁止在某个时间段访问,可以通过access_times、deny_time参数控制。比如:
#access_times 8:00-17:30
#deny_time 15:00-17:30
评论暂时关闭