Shulou(Shulou.com)06/02 Report--

Configure telnet

Through the configuration file, we can set the connection time, number of connections, connection ip and so on of telnet to achieve a more secure connection.

1. Set the connection time. The parameter "access_times"

[root@localhost wj] # gedit / etc/xinetd.d/telnet

Service telnet

{

Flags = REUSE

Socket_type = stream

Wait = no

User = root

Server = / usr/sbin/in.telnetd

Log_on_failure + = USERID

Disable = no

Access_times = 08:00-09:00 13:00-15:00 / / the allowed connection period is 8: 9 o'clock, 13: 15 o'clock

}

[root@localhost wj] # service xinetd restart / / restart the service

Stop xinetd: [OK]

Starting xinetd: [OK]

[root@localhost wj] # telnet 192.168.0.119 / / attempt to connect

Trying 192.168.0.119...

Connected to 192.168.0.119.

Escape character is'^]'.

Connection closed by foreign host. / / connection failed

2. Set the number of connections. You can set the number of connections allowed by the parameter "instances". After that, you can no longer connect.

[root@localhost wj] # gedit / etc/xinetd.d/telnet

Service telnet

{

Flags = REUSE

Socket_type = stream

Wait = no

User = root

Server = / usr/sbin/in.telnetd

Log_on_failure + = USERID

Disable = no

Instances = 1 / / only one connection is allowed here, and the second cannot be connected.

}

[root@localhost wj] # service xinetd restart / / restart the service

Stop xinetd: [OK]

Starting xinetd: [OK]

[root@localhost wj] # telnet 192.168.0.119 / / first connection

Connected to 192.168.0.119.

Login: david

Password:

Last login: Thu Aug 16 09:10:22 from 192.168.0.119

Already login / / successful

[root@localhost wj] # telnet 192.168.0.119 / / second connection

Connected to 192.168.0.119.

Connection closed by foreign host. / / failed

3. Allow / disable login to a specific ip or network segment. Parameter "only-from"no_access"

[root@localhost wj] # gedit / etc/xinetd.d/telnet

Service telnet

{

Flags = REUSE

Socket_type = stream

Wait = no

User = root

Server = / usr/sbin/in.telnetd

Log_on_failure + = USERID

Disable = no

Only_from = 192.168.0.113 / / only 113 connections are allowed

# only_from = 192.168.0.0amp 24 / / allow 1mm 254 connection

# only_from = 192.168.0.100-192.168.0.200 / / 100 connections allowed

# only_from = 192.168.0. / / allow 113 and 114 connections

# no_access = 192.168.0.113 / / 113connection is prohibited, other words are the same as above

}

4. Allow root connection. As long as the file "/ etc/securetty" is deleted, the system cannot read the file and will naturally log in to root forever.

[root@localhost wj] # mv / etc/securetty / etc/securetty.bak / / rename the file

[root@localhost wj] # service xinetd restart / / restart the service

Stop xinetd: [OK]

Starting xinetd: [OK]

[root@localhost wj] # telnet 192.168.0.119 / / connection

Trying 192.168.0.119...

Connected to 192.168.0.119.

Login: root / / use root user connection

Password:

Last login: Thu Aug 16 07:51:45 from 192.168.0.119

Already login / / connected successfully

I have made a platform for Linux learning. At present, it comes out one by one, which you can refer to and use.

Link: https: / / pan.baidu.com/s/1GOLVU2CbpBNGtunztVpaCQ password: n7bk

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.