1. 查看linux版本信息:
[loong@localhost ~]$ cat /etc/issueCentOS release 5.8 (Final)Kernel \r on an \m
2. 查看系統(tǒng)是否已安裝telnet-server,linux系統(tǒng)上默認(rèn)已經(jīng)安裝telnet-client(或telnet),而telnet-server需要手動安裝。
[loong@localhost ~]$ rpm -qa | grep telnettelnet-0.17-39.el5
3. 安裝telnet-server,若系統(tǒng)已安裝,跳過此步。
方法一:下載RPM resource telnet-server,下載地址:http://rpmfind.net/linux/rpm2html/search.php?query=telnet-server
選擇相應(yīng)版本的telnet-server下載;
安裝:# rpm -i telnet-server-0.17-39.el5.i386.rpm #貌似還得單獨(dú)安裝xinetd.
方法二:(推薦使用)
# yum install telnet-server
安裝完成后:
[loong@localhost ~]$ rpm -qa | grep telnettelnet-0.17-39.el5telnet-server-0.17-39.el5
4. 啟動telnet服務(wù)
方法一:System->Administration->Services 中,
在On Demand Services中選中telnet,
并在Background Services中選中xinetd,并點(diǎn)擊上面的Start,即在右側(cè)顯示:xinetd (pid 15986) is running...
最后Save & Quit.
方法二:編輯/etc/xinetd.d/telnet, 將其中的 disable = yes 的yes改為no.
修改后:
# default: on# description: The telnet server serves telnet sessions; it uses # unencrypted username/password pairs for authentication.service telnet{ disable = no flags = REUSE socket_type = stream wait = no user = root server = /usr/sbin/in.telnetd log_on_failure += USERID}
方法三:使用chkconfig命令直接開啟
[root@localhost loong]# chkconfig telnet on
注:方法二和方法三,需要激活xinetd服務(wù)。方法如下:
[root@localhost loong]# service xinetd restartStopping xinetd: [ OK ]Starting xinetd: [ OK ]
或:
[root@localhost loong]# /etc/rc.d/init.d/xinetd restartStopping xinetd: [ OK ]Starting xinetd: [ OK ]
5. 測試服務(wù)
[root@localhost loong]# telnet localhostTrying 127.0.0.1...Connected to localhost.localdomain (127.0.0.1).Escape character is '^]'.CentOS release 5.8 (Final)Kernel 2.6.18-308.1.1.el5 on an i686login: loongPassword: Last login: Tue Apr 24 16:42:06 from 10.108.14.135[loong@localhost ~]$ exitlogoutConnection closed by foreign host.[root@localhost loong]#
注:默認(rèn)情況下,系統(tǒng)只允許普通用戶telnet登錄,不允許root用戶登錄。
要想獲得root權(quán)限,可以使用普通用戶登錄,然后執(zhí)行su,來獲得root權(quán)限。
或使用一下方法,允許root登錄telnet:
方法一:# mv /etc/securetty /etc/securetty.bak (不建議這種方法,測試完后再改回去吧?。?/p>
或先試圖使用root用戶登錄,不成功,然后查看系統(tǒng)log:
telnet> o localhostTrying 127.0.0.1...Connected to localhost.localdomain (127.0.0.1).Escape character is '^]'.CentOS release 5.8 (Final)Kernel 2.6.18-308.1.1.el5 on an i686login: rootPassword: Login incorrectlogin: Login incorrectlogin: Login incorrectlogin: Connection closed by foreign host.[root@localhost loong]# tail -20 /var/log/secureApr 24 17:32:58 localhost login: pam_securetty(remote:auth): access denied: tty 'pts/1' is not secure !Apr 24 17:33:03 localhost login: FAILED LOGIN 1 FROM localhost FOR root, Authentication failure
可以看到 access denied: tty 'pts/1' is not secure !
所以將‘pts/1’添加到/etc/securetty中,即可實(shí)現(xiàn)telnet的root用戶登錄。至于為什么?暫不清楚。
方法二:修改/etc/pam.d/remote,注釋掉:auth required pam_securetty.so
1 #%PAM-1.02 #auth required pam_securetty.so3 auth include system-auth
注:不建議開放telnet的root登錄,容易帶來安全隱患。