浅谈krb5-telnet问题的解决方法
Telnet的远程服务,是很多企业都需要的。不少管理员也是非常关注这方面的学习。那么针对linux系统的多样版本,如何Telnet?那么今天我们对这个系统的krb5-telnet问题进行一下讲解。那么具体我们从两方面来解决:
一、关闭selinux (setenforce 0)影响不大
二、关闭防火墙 (iptables -F 或service iptables stop)
Red Hat Enterprise Linux 5 telnet开启过程
1、确定你的telnet服务打开没有:
- [root@111 ~]# chkconfig --list|grep telnet
- ekrb5-telnet: off
- krb5-telnet: off
- [root@111 ~]#
- 注意检查结果这里是关闭状态
2、打开telnet服务:
- [root@111 ~]# chkconfig krb5-telnet on
- [root@111 ~]# chkconfig --list|grep telnet
- ekrb5-telnet: off
- krb5-telnet: on
- 检查已经被打开了
3、修改登陆文件securetty,主要增加要登陆的终端点
- [root@111 ~]# vi /etc/securetty
- 增加如下几行:
- pts/1
- pts/2
- pts/3
- pts/4
- pts/5
- ……
(或者取用此方法:mv /etc/securetty /etc/securetty.bak 将文件去除)保存退出即可,此时只能以非根用户登陆,如要以root用户登陆,下文会有说明.注意:如果同时将chkconfig ekrb5-telnet on.会提示Unencrypted connection refused. Goodbye.Connection closed by foreign host.
看错误信息好像是说的为加密的连接被拒绝,查看了他的配置文件也没发现有什么关于加密的选项,而且配置文件也很正确,于是到google上去搜索了一大圈,最后终于找到一个老外写的一个解决方法:
I really needed a bit of guidance and you provided it./sbin/chkconfig --list |grep telnetThe above command told me I had both krb5-telnet and ekrb5-telnet, andalso the installed telnet all on. Initially I did not know what theywere all for. After turning them on and off and testing my telnetconnection from another box I realised that "ekrb5-telnet" was theencrypted telnet server that I needed to turn off to run "krb-telnet"which allowed non-encrypted telnet connections.eg /sbin/chkconfig ekrb5-telnet offThanks for your help.
原来ekrb5-telnet是一个需要加密的telnet服务,必须有Kerberos服务器才行,把这个服务启动上当然就需要加密了.解决方法:将 /etc/xinetd.d/ekrb5-telnet里面的disable改成=yes,再重启xinetd服务service xinetd restart就OK了!相当于将ekrb5-telnet关掉而已,注意service是红帽系列的命令,非标准命令,相应操作可以如下实现:/etc/init.d/xinetd restart."/etc/xinetd.d/ekrb5-telnet"/etc/xinetd.d/守护进程的启动位置.
内容自出:https://blog.163.com/mail_zcw/blog/static/412607742008413114453290/
关键词标签:krb5,telnet