LX-SVS-INFO-telnetd
Updated sep/12/2010 19:04
Telnet-server - Debian5
Het is absoluut af te raden een telnet service te draaien op je linux server. Telnet is een onveilig protocol en versleutelt geen enkele informatie, ook niet het uitgewisselde paswoord. Om educatieve redenen wordt hier echter een telnetdaemon geïnstalleerd. Bovendien is zo straks gemakkelijker in te zien wat een telnetclient nu precies is, en hoe we die telnetclient voor andere dingen dan voor telnet zelf kunnen gebruiken.
-
Configureer apt
Indien dit nog niet gebeurd is moet je de apt software installatietool configureren voor gebruik met het internet. telnetd staat namelijk niet op de eerste debian DVD. Je moet de "deb cdrom" entry als commentaar omzetten, en daarna de online repositories toevoegen:
# vim /etc/apt/sources.list
#
# deb cdrom:[Debian GNU/Linux 5.0.3 _Lenny_ - Official i386 DVD Binary-1 20090905-08:48]/ lenny contrib main
# deb cdrom:[Debian GNU/Linux 5.0.3 _Lenny_ - Official i386 DVD Binary-1 20090905-08:48]/ lenny contrib main
deb http://ftp.belnet.be/debian/ lenny main contrib non-free
deb-src http://ftp.belnet.be/debian/ lenny main
deb http://security.debian.org/ lenny/updates main contrib
deb-src http://security.debian.org/ lenny/updates main contrib
deb http://volatile.debian.org/debian-volatile lenny/volatile main contrib
deb-src http://volatile.debian.org/debian-volatile lenny/volatile main contrib
|
Update nu de nieuwe configuratie van apt:
# apt-get update
Hit http://ftp.belnet.be lenny Release.gpg
Ign http://ftp.belnet.be lenny/main Translation-en_US
Ign http://ftp.belnet.be lenny/contrib Translation-en_US
Ign http://ftp.belnet.be lenny/non-free Translation-en_US
Hit http://ftp.belnet.be lenny Release
Hit http://volatile.debian.org lenny/volatile Release.gpg
Ign http://volatile.debian.org lenny/volatile/main Translation-en_US
Ign http://volatile.debian.org lenny/volatile/contrib Translation-en_US
Ign http://ftp.belnet.be lenny/main Packages/DiffIndex
Hit http://security.debian.org lenny/updates Release.gpg
Ign http://security.debian.org lenny/updates/main Translation-en_US
Ign http://security.debian.org lenny/updates/contrib Translation-en_US
Hit http://volatile.debian.org lenny/volatile Release
Ign http://ftp.belnet.be lenny/contrib Packages/DiffIndex
Ign http://ftp.belnet.be lenny/non-free Packages/DiffIndex
Ign http://ftp.belnet.be lenny/main Sources/DiffIndex
Hit http://security.debian.org lenny/updates Release
Ign http://volatile.debian.org lenny/volatile/main Packages/DiffIndex
Hit http://ftp.belnet.be lenny/main Packages
Hit http://ftp.belnet.be lenny/contrib Packages
Ign http://volatile.debian.org lenny/volatile/contrib Packages/DiffIndex
Ign http://volatile.debian.org lenny/volatile/main Sources/DiffIndex
Ign http://volatile.debian.org lenny/volatile/contrib Sources/DiffIndex
Ign http://security.debian.org lenny/updates/main Packages/DiffIndex
Hit http://volatile.debian.org lenny/volatile/main Packages
Hit http://volatile.debian.org lenny/volatile/contrib Packages
Hit http://volatile.debian.org lenny/volatile/main Sources
Ign http://security.debian.org lenny/updates/contrib Packages/DiffIndex
Ign http://security.debian.org lenny/updates/main Sources/DiffIndex
Ign http://security.debian.org lenny/updates/contrib Sources/DiffIndex
Hit http://ftp.belnet.be lenny/non-free Packages
Hit http://volatile.debian.org lenny/volatile/contrib Sources
Hit http://ftp.belnet.be lenny/main Sources
Hit http://security.debian.org lenny/updates/main Packages
Hit http://security.debian.org lenny/updates/contrib Packages
Hit http://security.debian.org lenny/updates/main Sources
Hit http://security.debian.org lenny/updates/contrib Sources
Reading package lists... Done
-
Installeer telnetd
# apt-get install inetutils-telnetd
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
inetutils-telnetd
0 upgraded, 1 newly installed, 0 to remove and 4 not upgraded.
Need to get 0B/104kB of archives.
After this operation, 217kB of additional disk space will be used.
Selecting previously deselected package inetutils-telnetd.
(Reading database ... 100592 files and directories currently installed.)
Unpacking inetutils-telnetd (from .../inetutils-telnetd_2%3a1.5.dfsg.1-9_i386.deb) ...
Processing triggers for man-db ...
Setting up inetutils-telnetd (2:1.5.dfsg.1-9) ...
-
Configureer inetd.conf
De telnetdaemon wordt niet zoals gewoonlijk direct opgestart met een opstartscript in /etc/init.d - hij zit in de inetd superserver. Hierin kunnen enkele services zitten die alle tegelijk worden opgestart.
Om die reden moeten we eerst nog inetd configureren en daarna opstarten. We verwijderen eerst de commentaar #<off># voor de hieronder vetgedrukte regel:
# vim /etc/inetd.conf
# /etc/inetd.conf: see inetd(8) for further informations.
#
# Internet superserver configuration database
#
#
# Lines starting with "#:LABEL:" or "#<off>#" should not
# be changed unless you know what you are doing!
#
# If you want to disable an entry so it isn't touched during
# package updates just comment it out with a single '#' character.
#
# Packages should modify this file by using update-inetd(8)
#
# <service_name> <sock_type> <proto> <flags> <user> <server_path> <args>
#
#:INTERNAL: Internal services
#discard stream tcp nowait root internal
#discard dgram udp wait root internal
#daytime stream tcp nowait root internal
#time stream tcp nowait root internal
#:STANDARD: These are standard services.
telnet stream tcp nowait root /usr/sbin/telnetd telnetd
#:BSD: Shell, login, exec and talk are BSD protocols.
#:MAIL: Mail, news and uucp services.
#:INFO: Info services
#:BOOT: TFTP service is provided primarily for booting. Most sites
# run this only on machines acting as "boot servers."
#:RPC: RPC based services
#:HAM-RADIO: amateur-radio services
#:OTHER: Other services
|
-
Nu starten we de inetd service
# /etc/init.d/openbsd-inetd start
-
Test de server
$ telnet localhost
trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
Debian GNU/Linux 4.0
pc2203 login: ludo
Password: ********
Linux pc2203 2.6.18-5-686 #1 SMP Fri Jun 1 00:47:00 UTC 2007 i686
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
ludo@pc:~$
-
Test vanaf je netwerk:
Je kan nu inloggen vanaf een ander station op je LAN. Als je ingelogd bent, in dit geval als ludo, kan je hetzelfde doen als op een gewone terminal, maar dan vanaf overal op het netwerk (de gebruiker moet natuurlijk wel bestaan op de server).
honnecker@ddr.de:~$ telnet 172.16.22.3
Trying 172.16.22.3...
Connected to 172.16.22.3.
Escape character is '^]'.
Debian GNU/Linux 4.0
pc2203 login: ludo
Password: ********
Last login: Mon Mar 3 13:17:36 2008 from localhost on pts/6
Linux pc2203 2.6.18-5-686 #1 SMP Fri Jun 1 00:47:00 UTC 2007 i686
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
ludo@pc2203:~$
