|
Home > Archive > Linux Debian support > November 2007 > telnet - closed by foreign host
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
telnet - closed by foreign host
|
|
| bobg.hahc@gmail.com 2007-11-13, 7:11 pm |
| running debian etch;
Whenever I try to telnet into this system it tells me connection
closed by host.
after hours of screwing around, I finally got the telnetd service
running without any errors in /var/log.
inetd.conf:
telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd
hosts.allow:
ALL: ALL
hosts.deny:
#<empty> only comments
why is getting telnetd service turned on SO HARD???
what else am I missing? what else do I have to do to get telnet to
accept "calls" ?
and before the questions are asked:
1) yes, I know nobody likes telnet; but NOTHING beats it when
accessing a system internally.
2) ssh client software is NOT natively installed on pc's - telnet IS.
therefore it's the best thing going.
TIA - Bob
| |
| Michael C. 2007-11-14, 1:13 am |
| On Tue, 13 Nov 2007 13:53:48 -0800,
bobg.hahc@gmail.com <bobg.hahc@gmail.com> wrote:
> why is getting telnetd service turned on SO HARD???
Because it is an unnecesaary security risk.
> and before the questions are asked:
> 1) yes, I know nobody likes telnet; but NOTHING beats it when
> accessing a system internally.
Putty isn't exactly a major download, it doesn't even need to be
installed. Putty is even a better telnet client than MS telnet.exe.
> 2) ssh client software is NOT natively installed on pc's - telnet
> IS. therefore it's the best thing going.
Telnet isn't shipped with Vista Home, I don't know about other
variants.
Michael C.
--
mjchappell@verizon.net http://mcsuper5.freeshell.org/
"I go online sometimes, but everyone's spelling is really bad, it's
depressing." - Tara MacClay (BtVS)
| |
| bobg.hahc@gmail.com 2007-11-14, 7:13 pm |
| On Nov 14, 12:09 am, "Michael C." <mjchapp...@verizon.net> wrote:
> On Tue, 13 Nov 2007 13:53:48 -0800,
>
> bobg.h...@gmail.com <bobg.h...@gmail.com> wrote:
>
> Because it is an unnecesaary security risk.
agreed; but not if managed correctly. telnet is an excellent means of
communicating behind a fully secured & firewalled network. With proper
config of allow/deny file's, risk is minimal (at least to the outside
world). Yes there's still internal risk; but that's a different issue,
and can also be managed.
Did you have any ideas as to why I can't get it to work?
>
>
> Putty isn't exactly a major download, it doesn't even need to be
> installed. Putty is even a better telnet client than MS telnet.exe.
>
Also agreed; but if you need to do a quick connect, and you're on
"just any PC", ms telnet works well enough.
>
> Telnet isn't shipped with Vista Home, I don't know about other
> variants.
While I didn't know that telnet has been removed from vista home; I'm
assuming it IS in the business version... which would be the only
version I'd EVER even look at.
But that's irrelevent to me, as I can't imagine ever upgrading to
vista  (at least not at ms's current price points, and at least
not until sp1 is released and broken in .
| |
| Michael C. 2007-11-14, 7:13 pm |
| On Wed, 14 Nov 2007 11:29:34 -0800,
bobg.hahc@gmail.com <bobg.hahc@gmail.com> wrote:
> On Nov 14, 12:09 am, "Michael C." <mjchapp...@verizon.net> wrote:
>
> agreed; but not if managed correctly. telnet is an excellent means of
> communicating behind a fully secured & firewalled network. With proper
> config of allow/deny file's, risk is minimal (at least to the outside
> world). Yes there's still internal risk; but that's a different issue,
> and can also be managed.
Fair enough.
> Did you have any ideas as to why I can't get it to work?
No.
$ sudo aptitude install telnetd
$ telnet localhost
works for me. I'm able to login from the LAN as well. I didn't check
the logs, or attempt to harden it, so my guess is it's one of your
tweaks. Using Lenny/Sid.
> assuming it IS in the business version... which would be the only
> version I'd EVER even look at.
> But that's irrelevent to me, as I can't imagine ever upgrading to
> vista (at least not at ms's current price points, and at least
> not until sp1 is released and broken in .
It's not an upgrade. My stepmother was looking for a new computer,
and I told her that it was going to be hard to get XP in the future,
she misinterpreted. I bought a retail version for myself, so I don't
have to ask what the !@#$ are you talking about when she calls me for
support.
Michael C.
--
mjchappell@verizon.net http://mcsuper5.freeshell.org/
Whether you think you can or whether you think you can't, you're right!
- Henry Ford
| |
| Michael C. 2007-11-14, 7:13 pm |
| On Tue, 13 Nov 2007 13:53:48 -0800,
bobg.hahc@gmail.com <bobg.hahc@gmail.com> wrote:
> running debian etch;
>
> Whenever I try to telnet into this system it tells me connection
> closed by host.
>
> after hours of screwing around, I finally got the telnetd service
> running without any errors in /var/log.
>
> inetd.conf:
> telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd
My inetd.conf shows:
telnet stream tcp nowait telnetd /usr/sbin/tcpd /usr/sbin/in.telnetd
Does inetd use path resolution? If so, that would be a security risk.
The only daemons I expose to the world are sshd and apache, and I
don't believe I've bothered to install telnetd since it hasn't been
part of a typical install.
> hosts.allow:
> ALL: ALL
> hosts.deny:
> #<empty> only comments
>
> why is getting telnetd service turned on SO HARD???
>
> what else am I missing? what else do I have to do to get telnet to
> accept "calls" ?
If you can telnet localhost, the problem is a firewall problem.
HTH,
Michael C.
--
mjchappell@verizon.net http://mcsuper5.freeshell.org/
Bad people are punished by society's law
And good people are punished by murphy's law
- GL,DLM
| |
| bobg.hahc@gmail.com 2007-11-15, 7:44 pm |
| On Nov 14, 3:13 pm, "Michael C." <mjchapp...@verizon.net> wrote:
> On Tue, 13 Nov 2007 13:53:48 -0800,
>
> bobg.h...@gmail.com <bobg.h...@gmail.com> wrote:
>
>
>
>
> My inetd.conf shows:
>
> telnet stream tcp nowait telnetd /usr/sbin/tcpd /usr/sbin/in.telnetd
>
> Does inetd use path resolution? If so, that would be a security risk.
> The only daemons I expose to the world are sshd and apache, and I
> don't believe I've bothered to install telnetd since it hasn't been
> part of a typical install.
>
>
>
>
> If you can telnet localhost, the problem is a firewall problem.
>
> HTH,
>
Michael;
TX so much for posting yours...
I needed to use a fully qualified path name for the in.telnetd
command :0 duh!
I know I had that in there at one point, but after screwing around
with so many different things, I must not have restored it to what it
SHOULD have been....
TX again!
Bob
|
|
|
|
|