THE ADMIN's LAB : RHEL6 - 26

RHEL6-26-TELNET

HOW TO CONFIGURE TELNET IN RHEL6?

Telnet is very unsecure way to connect with other system. This is unsecure because communication between systems is in plain text.

By default

- Telnet is not installed,

- User “root” is not allowed,

- After installing telnet again telnet login is not permitted.

Works on port 23.

[root@rhel6-server ~]# rpm -qa |grep -i telnet*

[root@rhel6-server ~]# yum install -y telnet*

Loaded plugins: product-id, refresh-packagekit, security, subscription-manager

This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.

client | 2.9 kB 00:00

Setting up Install Process

Resolving Dependencies

--> Running transaction check

---> Package telnet.x86_64 1:0.17-47.el6_3.1 will be installed

---> Package telnet-server.x86_64 1:0.17-47.el6_3.1 will be installed

--> Processing Dependency: xinetd for package: 1:telnet-server-0.17-47.el6_3.1.x86_64

--> Running transaction check

---> Package xinetd.x86_64 2:2.3.14-38.el6 will be installed

--> Finished Dependency Resolution

Dependencies Resolved

================================================================================

Package Arch Version Repository Size

================================================================================

Installing:

telnet x86_64 1:0.17-47.el6_3.1 client 58 k

telnet-server x86_64 1:0.17-47.el6_3.1 client 37 k

Installing for dependencies:

xinetd x86_64 2:2.3.14-38.el6 client 121 k

Transaction Summary

================================================================================

Install 3 Package(s)

Total download size: 216 k

Installed size: 423 k

Downloading Packages:

(1/3): telnet-0.17-47.el6_3.1.x86_64.rpm | 58 kB 00:00

(2/3): telnet-server-0.17-47.el6_3.1.x86_64.rpm | 37 kB 00:00

(3/3): xinetd-2.3.14-38.el6.x86_64.rpm | 121 kB 00:00

--------------------------------------------------------------------------------

Total 1.1 MB/s | 216 kB 00:00

Running rpm_check_debug

Running Transaction Test

Transaction Test Succeeded

Running Transaction

Installing : 2:xinetd-2.3.14-38.el6.x86_64 1/3

Installing : 1:telnet-server-0.17-47.el6_3.1.x86_64 2/3

Installing : 1:telnet-0.17-47.el6_3.1.x86_64 3/3

Verifying : 1:telnet-0.17-47.el6_3.1.x86_64 1/3

Verifying : 1:telnet-server-0.17-47.el6_3.1.x86_64 2/3

Verifying : 2:xinetd-2.3.14-38.el6.x86_64 3/3

Installed:

telnet.x86_64 1:0.17-47.el6_3.1 telnet-server.x86_64 1:0.17-47.el6_3.1

Dependency Installed:

xinetd.x86_64 2:2.3.14-38.el6

Complete!

[root@rhel6-server ~]#

Main Config File for Telnet:

/etc/xinetd.d/telnet

Daemon for telnet:

/usr/sbin/in.telnetd

[root@rhel6-server ~]# vi /etc/xinetd.d/telnet

# default: on

# description: The telnet server serves telnet sessions; it uses \

# unencrypted username/password pairs for authentication.

service telnet

{

flags = REUSE

socket_type = stream

wait = no

user = root

server = /usr/sbin/in.telnetd

log_on_failure += USERID

disable = no ççç Changed from yes to no

[root@rhel6-server ~]# service xinetd restart

Stopping xinetd: [FAILED]

Starting xinetd: [ OK ]

[root@rhel6-server ~]# service xinetd status

xinetd (pid 12630) is running...

[root@rhel6-server ~]# chkconfig telnet on

[root@rhel6-server ~]# chkconfig xinetd on

[root@rhel6-server ~]# useradd raman

[root@rhel6-server ~]# passwd raman

Changing password for user raman.

New password:

BAD PASSWORD: it is based on a dictionary word

BAD PASSWORD: is too simple

Retype new password:

passwd: all authentication tokens updated successfully.

NOW, time to test the configuration.

[root@rhel6-test1 ~]# rpm -qa |grep -i telnet*

[root@rhel6-test1 ~]# telnet 192.168.234.200

-bash: telnet: command not found

[root@rhel6-test1 ~]# yum install -y telnet*

[root@rhel6-test1 ~]# service xinetd start

Starting xinetd: [ OK ]

[root@rhel6-test1 ~]# telnet 192.168.234.200

Trying 192.168.234.200...

telnet: connect to address 192.168.234.200: Connection refused

[root@rhel6-test1 ~]# telnet 192.168.234.146

Trying 192.168.234.146...

Connected to 192.168.234.146.

Escape character is '^]'.

Red Hat Enterprise Linux Server release 6.4 (Santiago)

Kernel 2.6.32-358.el6.x86_64 on an x86_64

Password:

[raman@rhel6-server ~]$

[raman@rhel6-server ~]$ exit

logout

Connection closed by foreign host.

[root@rhel6-test1 ~]#

Now I want to telnet “rhel6-test1 – 192.168.234.200” from “rhel6-server – 192.168.234.146”

[root@rhel6-server ~]# telnet 192.168.234.200

Trying 192.168.234.200...

telnet: connect to address 192.168.234.200: Connection refused

WHY???

Because I did not edited “/etc/xinetd.d/telnet” on target system.

[root@rhel6-test1 ~]# vi /etc/xinetd.d/telnet

# default: on

# description: The telnet server serves telnet sessions; it uses \

# unencrypted username/password pairs for authentication.

service telnet

{

flags = REUSE

socket_type = stream

wait = no

user = root

server = /usr/sbin/in.telnetd

log_on_failure += USERID

disable = no ççç Changed from yes to no

[root@rhel6-test1 ~]# service xinetd restart

Stopping xinetd: [ OK ]

Starting xinetd: [ OK ]

[root@rhel6-test1 ~]# chkconfig telnet on

[root@rhel6-test1 ~]# chkconfig xinetd on

Good, now try again to telnet.

[root@rhel6-server ~]# telnet 192.168.234.200

Trying 192.168.234.200...

Connected to 192.168.234.200.

Escape character is '^]'.

Red Hat Enterprise Linux Server release 6.4 (Santiago)

Kernel 2.6.32-358.el6.x86_64 on an x86_64

Password:

[raman@rhel6-test1 ~]$

But still I cannot access telnet via user “root”.

HOW TO ENABLE ROOT ACCESS IN TELNET?

[root@rhel6-test1 ~]# vi /etc/securetty

#Add following at end

pts/0

pts/1

pts/2

pts/3

pts/4

pts/5

pts/6

pts/7

pts/8

pts/9

# This will allow up to 10 telnet sessions to the server as root.

[root@rhel6-test1 ~]# service xinetd restart

Stopping xinetd: [ OK ]

Starting xinetd: [ OK ]

[root@rhel6-server ~]# telnet 192.168.234.200

Trying 192.168.234.200...

Connected to 192.168.234.200.

Escape character is '^]'.

Red Hat Enterprise Linux Server release 6.4 (Santiago)

Kernel 2.6.32-358.el6.x86_64 on an x86_64

Password:

Last login: Sat Apr 15 17:45:03 from rhel6-server

[root@rhel6-test1 ~]# id

uid=0(root) gid=0(root) groups=0(root) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023

[root@rhel6-test1 ~]# exit

logout

Connection closed by foreign host.

[root@rhel6-server ~]#

Let’s try one more method for root access.

First make the /etc/securetty as it was. Then find & comment following entry at /etc/pam.d/login and /etc/pam.d/remote

auth required pam_securetty.so

[root@rhel6-test1 ~]# vi /etc/pam.d/login

Did not found “auth required pam_securetty.so”

[root@rhel6-test1 ~]# vi /etc/pam.d/remote

#%PAM-1.0

#auth required pam_securetty.so ç comment this line

[root@rhel6-test1 ~]# service xinetd restart

Stopping xinetd: [ OK ]

Starting xinetd: [ OK ]

[root@rhel6-server ~]# telnet 192.168.234.200

Trying 192.168.234.200...

Connected to 192.168.234.200.

Escape character is '^]'.

Red Hat Enterprise Linux Server release 6.4 (Santiago)

Kernel 2.6.32-358.el6.x86_64 on an x86_64

Password:

Last login: Sat Apr 15 17:47:41 from rhel6-server

[root@rhel6-test1 ~]# id

uid=0(root) gid=0(root) groups=0(root) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023

[root@rhel6-test1 ~]# exit

logout

Connection closed by foreign host.

WHERE I CAN FIND THE LOGS FOR TELNET IN RHEL6?

[root@rhel6-test1 ~]# tail /var/log/messages

Apr 15 17:47:36 rhel6-test1 xinetd[15435]: START: telnet pid=15476 from=::ffff:192.168.234.146

Apr 15 17:47:49 rhel6-test1 xinetd[15435]: EXIT: telnet status=0 pid=15476 duration=12(sec)

Apr 15 17:50:02 rhel6-test1 xinetd[15435]: Exiting...

Apr 15 17:50:03 rhel6-test1 xinetd[15530]: xinetd Version 2.3.14 started with libwrap loadavg labeled-networking options compiled in.

Apr 15 17:50:03 rhel6-test1 xinetd[15530]: Started working: 1 available service

Apr 15 17:51:58 rhel6-test1 xinetd[15530]: Exiting...

Apr 15 17:51:58 rhel6-test1 xinetd[15558]: xinetd Version 2.3.14 started with libwrap loadavg labeled-networking options compiled in.

Apr 15 17:51:58 rhel6-test1 xinetd[15558]: Started working: 1 available service

Apr 15 17:52:03 rhel6-test1 xinetd[15558]: START: telnet pid=15561 from=::ffff:192.168.234.146

Apr 15 17:53:47 rhel6-test1 xinetd[15558]: EXIT: telnet status=0 pid=15561 duration=104(sec)

[root@rhel6-test1 ~]# tail /var/log/secure

Apr 15 17:44:56 rhel6-test1 login: pam_unix(remote:session): session closed for user raman

Apr 15 17:45:03 rhel6-test1 login: pam_unix(remote:session): session opened for user root by (uid=0)

Apr 15 17:45:03 rhel6-test1 login: ROOT LOGIN ON pts/2 FROM rhel6-server

Apr 15 17:47:29 rhel6-test1 login: pam_unix(remote:session): session closed for user root

Apr 15 17:47:41 rhel6-test1 login: pam_unix(remote:session): session opened for user root by (uid=0)

Apr 15 17:47:41 rhel6-test1 login: ROOT LOGIN ON pts/2 FROM rhel6-server

Apr 15 17:47:48 rhel6-test1 login: pam_unix(remote:session): session closed for user root

Apr 15 17:52:08 rhel6-test1 login: pam_unix(remote:session): session opened for user root by (uid=0)

Apr 15 17:52:08 rhel6-test1 login: ROOT LOGIN ON pts/2 FROM rhel6-server

Apr 15 17:53:47 rhel6-test1 login: pam_unix(remote:session): session closed for user root

[root@rhel6-test1 ~]#

THE ADMIN's LAB

Saturday, 15 April 2017

RHEL6 - 26 - TELNET

No comments:

Post a Comment

Labels

WAREHOUSE

Total Pageviews