I had a task to allow root login via telnet on RHEL 4.3 servers. I tried my luck on Google and found this. Once I have done exactly as mentioned, I still couldn’t login as root via telnet.
After researching a little bit more on Google, I finally found the answer! Apparently krb5-workstation‘s /etc/xinetd.d/krb5-telnet is not the telnet-server package that I have been looking for. telnet-server‘s telnetd is actually another package which is mentioned in the document I found earlier. I disabled krb5-telnet and enabled telnet in /etc/xinetd.d/.
Voila! Now it allows root login via telnet. Red Hat should have written a note about this in the document.
PS: Please enable telnet-server ONLY if you need it and you know what you’re doing. I do NOT recommend the use of telnet-server.
3 thoughts on “krb5-telnet != telnet-server”
They have put notes in about it, its written pretty clearly:
TELNET IS DEAD, USE SSH!
Why, out of curiosity, do you feel the need to enable a doubly-insecure option?
Anyone who sniffs your root password (sent unencrypted by telnet) will then be able to own your system.
Because these servers are connected to an internal network which is isolated and sniffing is impossible. Anyway, that was my task at work and there is no security concern.
Before you post your comment, this is my technical notes and I don’t need people telling me that telnet is insecure. The idea of this blog is to share knowledge that is probably not documented elsewhere. I know what I’m doing, people.
For those who need this information, they should know what they are doing and know the risks involved by using telnet.