CentOS6.0安装telnet-server启用telnet服务

CentOS6.0安装telnet-server启用telnet服务

一步到位

fp="/etc/yum.repos.d" ;    cp -a ${fp} ${fp}.$(date +%0y%0m%0d%0H%0M%0S).bkup
echo '[base]
name=CentOS-$releasever - Base
baseurl=http://mirrors.163.com/centos-vault/6.0/os/$basearch/http://mirrors.aliyun.com/centos-vault/6.0/os/$basearch/http://mirrors.huaweicloud.com/centos-vault/6.0/os/$basearch/http://mirrors.cloud.tencent.com/centos-vault/6.0/os/$basearch/http://archive.kernel.org/centos-vault/6.0/os/$basearch/http://linuxsoft.cern.ch/centos-vault/6.0/os/$basearch/http://mirrors.tuna.tsinghua.edu.cn/centos-vault/6.0/os/$basearch/http://mirrors.ustc.edu.cn/centos-vault/6.0/os/$basearch/http://mirrors.cqupt.edu.cn/centos-vault/6.0/os/$basearch/http://mirrors.zju.edu.cn/centos-vault/6.0/os/$basearch/http://mirror.nyist.edu.cn/centos-vault/6.0/os/$basearch/http://mirrors.pku.edu.cn/centos-vault/6.0/os/$basearch/http://mirror.nsc.liu.se/centos-store/6.0/os/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6[updates]
name=CentOS-$releasever - Updates
baseurl=http://mirrors.163.com/centos-vault/6.0/updates/$basearch/http://mirrors.aliyun.com/centos-vault/6.0/updates/$basearch/http://mirrors.huaweicloud.com/centos-vault/6.0/updates/$basearch/http://mirrors.cloud.tencent.com/centos-vault/6.0/updates/$basearch/http://archive.kernel.org/centos-vault/6.0/updates/$basearch/http://linuxsoft.cern.ch/centos-vault/6.0/updates/$basearch/http://mirrors.tuna.tsinghua.edu.cn/centos-vault/6.0/updates/$basearch/http://mirrors.ustc.edu.cn/centos-vault/6.0/updates/$basearch/http://mirrors.cqupt.edu.cn/centos-vault/6.0/updates/$basearch/http://mirrors.zju.edu.cn/centos-vault/6.0/updates/$basearch/http://mirror.nyist.edu.cn/centos-vault/6.0/updates/$basearch/http://mirrors.pku.edu.cn/centos-vault/6.0/updates/$basearch/http://mirror.nsc.liu.se/centos-store/6.0/updates/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6[extras]
name=CentOS-$releasever - Extras
baseurl=http://mirrors.163.com/centos-vault/6.0/extras/$basearch/http://mirrors.aliyun.com/centos-vault/6.0/extras/$basearch/http://mirrors.huaweicloud.com/centos-vault/6.0/extras/$basearch/http://mirrors.cloud.tencent.com/centos-vault/6.0/extras/$basearch/http://archive.kernel.org/centos-vault/6.0/extras/$basearch/http://linuxsoft.cern.ch/centos-vault/6.0/extras/$basearch/http://mirrors.tuna.tsinghua.edu.cn/centos-vault/6.0/extras/$basearch/http://mirrors.ustc.edu.cn/centos-vault/6.0/extras/$basearch/http://mirrors.cqupt.edu.cn/centos-vault/6.0/extras/$basearch/http://mirrors.zju.edu.cn/centos-vault/6.0/extras/$basearch/http://mirror.nyist.edu.cn/centos-vault/6.0/extras/$basearch/http://mirrors.pku.edu.cn/centos-vault/6.0/extras/$basearch/http://mirror.nsc.liu.se/centos-store/6.0/extras/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6[epel-archive]
name=Extra Packages for Enterprise Linux 6 - $basearch
baseurl=http://mirrors.aliyun.com/epel-archive/6/$basearchhttp://mirrors.cloud.tencent.com/epel-archive/6/$basearchhttp://repo.jing.rocks/fedora-buffet/archive/epel/6/$basearchhttp://archives.fedoraproject.org/pub/archive/epel/6/$basearch
failovermethod=priority
enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
' > /etc/yum.repos.d/CentOS-Base.repo
yum clean all ; yum makecache
yum install telnet-server -y
chkconfig telnet on  ; cat /etc/xinetd.d/telnet && service xinetd restart
fp=/etc/sysconfig/iptables  ;    cp -a $fp $fp.$(date +%0y%0m%0d%0H%0M%0Sns%0N).bkup
iptables -I INPUT -p tcp --dport 23 -j ACCEPT
#iptables -I INPUT -p udp --dport 23 -j ACCEPT
/etc/rc.d/init.d/iptables save    ### 此iptables非彼iptables
service iptables restart ; service iptables status 
fp=/etc/securetty  ;    cp -a $fp $fp.$(date +%0y%0m%0d%0H%0M%0Sns%0N).bkup
echo -e "\n\n\npts/1\npts/2\npts/3\npts/4\npts/5\npts/6\npts/7\npts/8\npts/9\npts/10\npts/11\npts/12"  >>  /etc/securetty ; cat /etc/securetty
service xinetd restart

按步骤来

1. 换yum源

备份 /etc/yum.repos.d/ 文件夹

fp="/etc/yum.repos.d" ;    cp -a ${fp} ${fp}.$(date +%0y%0m%0d%0H%0M%0S).bkup

修改 /etc/yum.repos.d/CentOS-Base.repo 的内容

vi /etc/yum.repos.d/CentOS-Base.repo 

为

[base]
name=CentOS-$releasever - Base
baseurl=http://mirrors.163.com/centos-vault/6.0/os/$basearch/http://mirrors.aliyun.com/centos-vault/6.0/os/$basearch/http://mirrors.huaweicloud.com/centos-vault/6.0/os/$basearch/http://mirrors.cloud.tencent.com/centos-vault/6.0/os/$basearch/http://archive.kernel.org/centos-vault/6.0/os/$basearch/http://linuxsoft.cern.ch/centos-vault/6.0/os/$basearch/http://mirrors.tuna.tsinghua.edu.cn/centos-vault/6.0/os/$basearch/http://mirrors.ustc.edu.cn/centos-vault/6.0/os/$basearch/http://mirrors.cqupt.edu.cn/centos-vault/6.0/os/$basearch/http://mirrors.zju.edu.cn/centos-vault/6.0/os/$basearch/http://mirror.nyist.edu.cn/centos-vault/6.0/os/$basearch/http://mirrors.pku.edu.cn/centos-vault/6.0/os/$basearch/http://mirror.nsc.liu.se/centos-store/6.0/os/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6[updates]
name=CentOS-$releasever - Updates
baseurl=http://mirrors.163.com/centos-vault/6.0/updates/$basearch/http://mirrors.aliyun.com/centos-vault/6.0/updates/$basearch/http://mirrors.huaweicloud.com/centos-vault/6.0/updates/$basearch/http://mirrors.cloud.tencent.com/centos-vault/6.0/updates/$basearch/http://archive.kernel.org/centos-vault/6.0/updates/$basearch/http://linuxsoft.cern.ch/centos-vault/6.0/updates/$basearch/http://mirrors.tuna.tsinghua.edu.cn/centos-vault/6.0/updates/$basearch/http://mirrors.ustc.edu.cn/centos-vault/6.0/updates/$basearch/http://mirrors.cqupt.edu.cn/centos-vault/6.0/updates/$basearch/http://mirrors.zju.edu.cn/centos-vault/6.0/updates/$basearch/http://mirror.nyist.edu.cn/centos-vault/6.0/updates/$basearch/http://mirrors.pku.edu.cn/centos-vault/6.0/updates/$basearch/http://mirror.nsc.liu.se/centos-store/6.0/updates/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6[extras]
name=CentOS-$releasever - Extras
baseurl=http://mirrors.163.com/centos-vault/6.0/extras/$basearch/http://mirrors.aliyun.com/centos-vault/6.0/extras/$basearch/http://mirrors.huaweicloud.com/centos-vault/6.0/extras/$basearch/http://mirrors.cloud.tencent.com/centos-vault/6.0/extras/$basearch/http://archive.kernel.org/centos-vault/6.0/extras/$basearch/http://linuxsoft.cern.ch/centos-vault/6.0/extras/$basearch/http://mirrors.tuna.tsinghua.edu.cn/centos-vault/6.0/extras/$basearch/http://mirrors.ustc.edu.cn/centos-vault/6.0/extras/$basearch/http://mirrors.cqupt.edu.cn/centos-vault/6.0/extras/$basearch/http://mirrors.zju.edu.cn/centos-vault/6.0/extras/$basearch/http://mirror.nyist.edu.cn/centos-vault/6.0/extras/$basearch/http://mirrors.pku.edu.cn/centos-vault/6.0/extras/$basearch/http://mirror.nsc.liu.se/centos-store/6.0/extras/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6[epel-archive]
name=Extra Packages for Enterprise Linux 6 - $basearch
baseurl=http://mirrors.aliyun.com/epel-archive/6/$basearchhttp://mirrors.cloud.tencent.com/epel-archive/6/$basearchhttp://repo.jing.rocks/fedora-buffet/archive/epel/6/$basearchhttp://archives.fedoraproject.org/pub/archive/epel/6/$basearch
failovermethod=priority
enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6

重建yum缓存

yum clean all ; yum makecache

2. 安装 telnet-server ,启用telnet服务

1. 安装 telnet-server

yum install telnet-server -y

启用telnet服务

2. 启用服务

cat /etc/xinetd.d/telnet 原版

# default: on
# description: The telnet server serves telnet sessions; it uses \
#       unencrypted username/password pairs for authentication.
service telnet
{flags           = REUSEsocket_type     = streamwait            = nouser            = rootserver          = /usr/sbin/in.telnetdlog_on_failure  += USERIDdisable         = yes
}

方法1: 用编辑器修改, 比如vi

vi /etc/xinetd.d/telnet

方法2:

查看效果
sed -e '/disable/s|yes|no|ig' /etc/xinetd.d/telnet
将更改应用到文件,并查看
sed -ie '/disable/s|yes|no|ig' /etc/xinetd.d/telnet  ; cat /etc/xinetd.d/telnet

方法3
发现用 chkconfig telnet on 和 chkconfig telnet off 也能达到相同效果

chkconfig telnet off ; cat /etc/xinetd.d/telnet
chkconfig telnet on  ; cat /etc/xinetd.d/telnet

重启 xinetd服务

service xinetd restart

3. 关闭防火墙,或开放端口23

– 关闭防火墙

chkconfig iptables off ; service iptables stop

– 开放23端口

备份 /etc/sysconfig/iptables

fp=/etc/sysconfig/iptables  ;    cp -a $fp $fp.$(date +%0y%0m%0d%0H%0M%0Sns%0N).bkup

查看 /etc/sysconfig/iptables

cat /etc/sysconfig/iptables

新装的内容为

# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

方法1: 直接修改文件为

# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 23 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

注意,规则必须添加在 “-A INPUT -j REJECT --reject-with icmp-host-prohibited” 这一句之前 , 所以,如果用命令添加的话,要用-I插入,不要用-A追加

方法2: 用 iptables添加规则 , 再用 iptables-save 输出添加规则到文件

iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 23 -j ACCEPT
iptables-save  ### 查看规则 , iptables-save完全没有保存作用,只有查看作用
iptables-save > /etc/sysconfig/iptables  ### 将iptables-save合成输出的新规则保存到文件

经测试,下面👇这种写法不行

iptables -A INPUT -p tcp --dport 23 -j ACCEPT
iptables -A INPUT -p udp --dport 23 -j ACCEPT

上面👆这种方法不行,原因是, -A是追加, -I是插入, 必须用-I, 因为规则必须写在 “-A INPUT -j REJECT --reject-with icmp-host-prohibited” 这一句之前

方法3: 用 iptables添加规则 , 再用 /etc/rc.d/init.d/iptables save 保存规则 , 此iptables非彼iptables

iptables -I INPUT -p tcp --dport 23 -j ACCEPT
iptables -I INPUT -p udp --dport 23 -j ACCEPT
/etc/rc.d/init.d/iptables save    ### 此iptables非彼iptables

重启并查看 iptables 服务

service iptables restart ; service iptables status

在VirtualBox7.0.18环境下,的仅主机模式,有时只能关闭iptables才能连通

4. 让telnet允许虚拟终端登录

在已安装telnet的Windows的控制台输入 telnet ip 发现登录不了
查看目标机日志less /var/log/secure 有

pam_securetty(remote:auth): access denied: tty ‘pts/1’ is not secure !

这样的内容, 所以向 /etc/securetty 添加 pst/1

cat /etc/securetty 原版为

console
vc/1
vc/2
vc/3
vc/4
vc/5
vc/6
vc/7
vc/8
vc/9
vc/10
vc/11
tty1
tty2
tty3
tty4
tty5
tty6
tty7
tty8
tty9
tty10
tty11

备份 cat /etc/securetty

fp=/etc/securetty  ;    cp -a $fp $fp.$(date +%0y%0m%0d%0H%0M%0Sns%0N).bkup

添加 pts/1 …到 pts/12 , 并查看

echo -e "\n\n\npts/1\npts/2\npts/3\npts/4\npts/5\npts/6\npts/7\npts/8\npts/9\npts/10\npts/11\npts/12"  >>  /etc/securetty ; cat /etc/securetty

console
vc/1
vc/2
vc/3
vc/4
vc/5
vc/6
vc/7
vc/8
vc/9
vc/10
vc/11
tty1
tty2
tty3
tty4
tty5
tty6
tty7
tty8
tty9
tty10
tty11pts/1
pts/2
pts/3
pts/4
pts/5
pts/6
pts/7
pts/8
pts/9
pts/10
pts/11
pts/12

重启 xinetd

service xinetd restart

一气呵成

fp="/etc/yum.repos.d" ;    cp -a ${fp} ${fp}.$(date +%0y%0m%0d%0H%0M%0S).bkup
echo '[base]
name=CentOS-$releasever - Base
baseurl=http://mirrors.163.com/centos-vault/6.0/os/$basearch/http://mirrors.aliyun.com/centos-vault/6.0/os/$basearch/http://mirrors.huaweicloud.com/centos-vault/6.0/os/$basearch/http://mirrors.cloud.tencent.com/centos-vault/6.0/os/$basearch/http://archive.kernel.org/centos-vault/6.0/os/$basearch/http://linuxsoft.cern.ch/centos-vault/6.0/os/$basearch/http://mirrors.tuna.tsinghua.edu.cn/centos-vault/6.0/os/$basearch/http://mirrors.ustc.edu.cn/centos-vault/6.0/os/$basearch/http://mirrors.cqupt.edu.cn/centos-vault/6.0/os/$basearch/http://mirrors.zju.edu.cn/centos-vault/6.0/os/$basearch/http://mirror.nyist.edu.cn/centos-vault/6.0/os/$basearch/http://mirrors.pku.edu.cn/centos-vault/6.0/os/$basearch/http://mirror.nsc.liu.se/centos-store/6.0/os/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6[updates]
name=CentOS-$releasever - Updates
baseurl=http://mirrors.163.com/centos-vault/6.0/updates/$basearch/http://mirrors.aliyun.com/centos-vault/6.0/updates/$basearch/http://mirrors.huaweicloud.com/centos-vault/6.0/updates/$basearch/http://mirrors.cloud.tencent.com/centos-vault/6.0/updates/$basearch/http://archive.kernel.org/centos-vault/6.0/updates/$basearch/http://linuxsoft.cern.ch/centos-vault/6.0/updates/$basearch/http://mirrors.tuna.tsinghua.edu.cn/centos-vault/6.0/updates/$basearch/http://mirrors.ustc.edu.cn/centos-vault/6.0/updates/$basearch/http://mirrors.cqupt.edu.cn/centos-vault/6.0/updates/$basearch/http://mirrors.zju.edu.cn/centos-vault/6.0/updates/$basearch/http://mirror.nyist.edu.cn/centos-vault/6.0/updates/$basearch/http://mirrors.pku.edu.cn/centos-vault/6.0/updates/$basearch/http://mirror.nsc.liu.se/centos-store/6.0/updates/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6[extras]
name=CentOS-$releasever - Extras
baseurl=http://mirrors.163.com/centos-vault/6.0/extras/$basearch/http://mirrors.aliyun.com/centos-vault/6.0/extras/$basearch/http://mirrors.huaweicloud.com/centos-vault/6.0/extras/$basearch/http://mirrors.cloud.tencent.com/centos-vault/6.0/extras/$basearch/http://archive.kernel.org/centos-vault/6.0/extras/$basearch/http://linuxsoft.cern.ch/centos-vault/6.0/extras/$basearch/http://mirrors.tuna.tsinghua.edu.cn/centos-vault/6.0/extras/$basearch/http://mirrors.ustc.edu.cn/centos-vault/6.0/extras/$basearch/http://mirrors.cqupt.edu.cn/centos-vault/6.0/extras/$basearch/http://mirrors.zju.edu.cn/centos-vault/6.0/extras/$basearch/http://mirror.nyist.edu.cn/centos-vault/6.0/extras/$basearch/http://mirrors.pku.edu.cn/centos-vault/6.0/extras/$basearch/http://mirror.nsc.liu.se/centos-store/6.0/extras/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6[epel-archive]
name=Extra Packages for Enterprise Linux 6 - $basearch
baseurl=http://mirrors.aliyun.com/epel-archive/6/$basearchhttp://mirrors.cloud.tencent.com/epel-archive/6/$basearchhttp://repo.jing.rocks/fedora-buffet/archive/epel/6/$basearchhttp://archives.fedoraproject.org/pub/archive/epel/6/$basearch
failovermethod=priority
enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
' > /etc/yum.repos.d/CentOS-Base.repo
yum clean all ; yum makecache
yum install telnet-server -y
chkconfig telnet on  ; cat /etc/xinetd.d/telnet && service xinetd restart
fp=/etc/sysconfig/iptables  ;    cp -a $fp $fp.$(date +%0y%0m%0d%0H%0M%0Sns%0N).bkup
iptables -I INPUT -p tcp --dport 23 -j ACCEPT
#iptables -I INPUT -p udp --dport 23 -j ACCEPT
/etc/rc.d/init.d/iptables save    ### 此iptables非彼iptables
service iptables restart ; service iptables status 
fp=/etc/securetty  ;    cp -a $fp $fp.$(date +%0y%0m%0d%0H%0M%0Sns%0N).bkup
echo -e "\n\n\npts/1\npts/2\npts/3\npts/4\npts/5\npts/6\npts/7\npts/8\npts/9\npts/10\npts/11\npts/12"  >>  /etc/securetty ; cat /etc/securetty
service xinetd restart

---

windows 安装telnet

"win键+r"运行 optionalfeatures 打开 “启用或关闭 Windows 功能”

optionalfeatures

勾选 “Telnet 客户端” 选项 [确定]

在cmd控制台就能使用 telnet 命令了

telnet 目标ip地址

---

A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT 是什么意思

A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT 

这条命令是用于配置Linux系统的iptables防火墙规则的，具体地，它定义了一个规则来允许进入的（incoming）TCP连接，这些连接的目标端口（destination port）是22号端口，也就是SSH服务的默认端口。下面是对这条命令的详细解释：

• -A INPUT：这个部分表示向INPUT链（chain）追加（Append）一条规则。INPUT链是iptables中用于处理进入本机的数据包的一个链。

• -p tcp：指定这条规则仅适用于TCP协议的数据包。

• -m state --state NEW：这个部分使用了state模块来匹配数据包的状态。--state NEW表示只匹配那些新建立的连接的数据包。这是因为SSH连接首先会建立一个TCP连接，而这条规则就是用来允许这个新连接的。

• -m tcp --dport 22：这里再次使用了tcp模块（虽然-p tcp已经指定了协议，但-m tcp允许你进一步指定TCP相关的匹配条件），--dport 22表示只匹配目标端口（destination port）为22的数据包。SSH服务默认监听22端口，因此这个条件用于允许SSH连接的进入。

• -j ACCEPT：最后，-j指定了当数据包匹配这条规则时应该采取的动作。ACCEPT表示接受这个数据包，即允许它进入本机。

综上所述，这条iptables规则的意思是：“对于所有新建立的、目标端口为22的TCP连接，允许它们进入本机。” 这通常用于允许SSH连接，因为SSH服务默认监听22端口。