服務管理——telnet

服務管理——telnet 一 telnet服務端和客戶端 什麼是Telnet？ Telnet協議是TCP/IP協議族中的一員，是Internet遠程登陸服務的標准協議和主要方式。它為用戶提供了在本地計算機上完成遠程主機工作的能力。在終端使用者的電腦上使用telnet程序，用它連接到服務器。終端使用者可以在telnet程序中輸入命令，這些命令會在服務器上運行，就像直接在服務器的控制台上輸入一樣。可以在本地就能控制服務器。要開始一個telnet會話，必須輸入用戶名和密碼來登錄服務器。Telnet是常用的遠程控制Web服務器的方法。 [plain] #Server01：安裝telnet服務端 [root@serv01 xinetd.d]# yum installtelnet-server* -y #開啟服務 [root@serv01 xinetd.d]# chkconfig telnet on #重啟xinetd服務 [root@serv01 xinetd.d]# /etc/init.d/xinetdrestart Stopping xinetd: [ OK ] Starting xinetd: [ OK ] #再次查看網絡狀態 [root@serv01 xinetd.d]# netstat -langput |grep "telnet" tcp 0 0 192.168.1.11:23 192.168.1.12:57169 ESTABLISHED 2488/in.telnetd: 19 [root@serv01 xinetd.d]# netstat -langput |grep "xin" tcp 0 0 :::22 :::* LISTEN 2486/xinetd tcp 0 0 :::23 :::* LISTEN 2486/xinetd #Server02：安裝telnet客戶端 [root@serv02 .ssh]# yum install telnet -y #客戶端通過telnet遠程連接登錄，注意一定要使用普通用戶 [root@serv02 .ssh]# telnet 192.168.1.11 Trying 192.168.1.11... Connected to 192.168.1.11. Escape character is '^]'. Red Hat Enterprise Linux Server release 6.1(Santiago) Kernel 2.6.32-131.0.15.el6.x86_64 on anx86_64 login: hongyi Password: Last login: Tue Aug 6 19:44:31 from 192.168.1.1 [hongyi@serv01 ~]$ 二 telnet的特性 [plain] #明文傳輸，不允許root登錄 #telnet是明文傳輸，不允許root登錄 #我們往往使用普通用戶登錄，然後su -切換到root用戶。 [root@serv02 .ssh]# telnet 192.168.1.11 Trying 192.168.1.11... Connected to 192.168.1.11. Escape character is '^]'. Red Hat Enterprise Linux Server release 6.1(Santiago) Kernel 2.6.32-131.0.15.el6.x86_64 on anx86_64 login: root Password: Login incorrect [root@serv01 xinetd.d]# pwd /etc/xinetd.d [root@serv01 xinetd.d]# cat telnet # default: on # description: The telnet server servestelnet sessions; it uses \ # unencryptedusername/password pairs for authentication. service telnet { disable = no flags = REUSE socket_type = stream wait = no user = root server = /usr/sbin/in.telnetd log_on_failure += USERID } #service ssh：名字必須唯一，不要重復 三 telnet只允許某個IP或者某個網段訪問（only_from） [plain] #編輯文件，只允許192.168.1.12訪問 [root@serv01 xinetd.d]# vim telnet [root@serv01 xinetd.d]# cat telnet # default: on # description: The telnet server servestelnet sessions; it uses \ # unencryptedusername/password pairs for authentication. service telnet { disable = no flags = REUSE socket_type = stream wait = no user = root server = /usr/sbin/in.telnetd log_on_failure += USERID only_from = 192.168.1.12 } #重啟服務 [root@serv01 xinetd.d]# /etc/init.d/xinetd restart Stopping xinetd: [ OK ] Starting xinetd: [ OK ] #serv02可以正常訪問 [root@serv02 .ssh]# telnet 192.168.1.11 Trying 192.168.1.11... Connected to 192.168.1.11. Escape character is '^]'. Red Hat Enterprise Linux Server release 6.1(Santiago) Kernel 2.6.32-131.0.15.el6.x86_64 on anx86_64 login: hongyi Password: Last login: Tue Aug 6 23:20:57 from 192.168.1.12 [hongyi@serv01 ~]$ exit ogout Connection closed by foreign host. [root@serv02 .ssh]# #serv02不可以正常訪問 [root@serv03 .ssh]# yum install telnet -y [root@serv03 .ssh]# telnet 192.168.1.11 Trying 192.168.1.11... Connected to 192.168.1.11. Escape character is '^]'. Connection closed by foreign host. 192.168.1.0/24 172.16.1.0/24 192.168.1.0/255.255.255.0 X access_times = 8:30-17:00 四 telnet不允許某個IP或者某個網段訪問（no_access） [plain] #no_access [root@serv01 xinetd.d]# vim telnet [root@serv01 xinetd.d]# cat telnet # default: on # description: The telnet server servestelnet sessions; it uses \ # unencryptedusername/password pairs for authentication. service telnet { disable = no flags = REUSE socket_type = stream wait = no user = root server = /usr/sbin/in.telnetd log_on_failure += USERID no_access = 192.168.1.12 } [root@serv01 xinetd.d]# /etc/init.d/xinetdrestart Stopping xinetd: [ OK ] Starting xinetd: [ OK ] [root@serv02 .ssh]# telnet 192.168.1.11 Trying 192.168.1.11... Connected to 192.168.1.11. Escape character is '^]'. Connection closed by foreign host. [root@serv03 .ssh]# telnet 192.168.1.11 Trying 192.168.1.11... Connected to 192.168.1.11. Escape character is '^]'. Red Hat Enterprise Linux Server release 6.1(Santiago) Kernel 2.6.32-131.0.15.el6.x86_64 on anx86_64 login: hongyi Password: Last login: Tue Aug 6 23:41:22 from 192.168.1.12 [hongyi@serv01 ~]$ #網段 [root@serv01 xinetd.d]# vim telnet [root@serv01 xinetd.d]# cat telnet # default: on # description: The telnet server servestelnet sessions; it uses \ # unencryptedusername/password pairs for authentication. service telnet { disable = no flags = REUSE socket_type = stream wait = no user = root server = /usr/sbin/in.telnetd log_on_failure += USERID only_from = 192.168.1.0/24 } [root@serv01 xinetd.d]# /etc/init.d/xinetdrestart Stopping xinetd: [ OK ] Starting xinetd: [ OK ] [root@serv02 .ssh]# telnet 192.168.1.11 Trying 192.168.1.11... Connected to 192.168.1.11. Escape character is '^]'. Red Hat Enterprise Linux Server release 6.1(Santiago) Kernel 2.6.32-131.0.15.el6.x86_64 on anx86_64 login: hongyi Password: Last login: Tue Aug 6 23:46:23 from 192.168.1.13 [hongyi@serv01 ~]$ [root@serv03 .ssh]# telnet 192.168.1.11 Trying 192.168.1.11... Connected to 192.168.1.11. Escape character is '^]'. Red Hat Enterprise Linux Server release 6.1(Santiago) Kernel 2.6.32-131.0.15.el6.x86_64 on anx86_64 login: hongyi Password: Last login: Tue Aug 6 23:48:15 from 192.168.1.12 [hongyi@serv01 ~]$ 五 telnet允許或者禁止在某個時間段訪問（access_times、deny_time） [plain] #telnet允許或者禁止在某個時間段訪問，可以通過access_times、deny_time參數控制。比如： #access_times 8:00-17:30 #deny_time 15:00-17:30