2015年1月3日星期六

Linux_096:RHEL6下安装telnet服务

环境:RHEL 6.6

RHEL 6.6 默认没有安装telnet服务,需要手工安装。
如果不确认是否已经安装了telnet服务,可以运行 rpm -qa telnet-server 查看。
首先,增加RHEL 6.6 iso作为本地YUM源,并进入Packages目录。

1. 安装xinetd
# rpm -ivh xinetd-2.3.14-39.el6_4.x86_64.rpm
warning: xinetd-2.3.14-39.el6_4.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY
Preparing...                ########################################### [100%]
   1:xinetd                 ########################################### [100%]

2. 安装telnet-server
# rpm -ivh telnet-server-0.17-48.el6.x86_64.rpm
warning: telnet-server-0.17-48.el6.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY
Preparing...                ########################################### [100%]
   1:telnet-server          ########################################### [100%]

3. 安装telnet 
# rpm -ivh telnet-0.17-48.el6.x86_64.rpm
warning: telnet-0.17-48.el6.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY
Preparing...                ########################################### [100%]
   1:telnet                 ########################################### [100%]

4.  设置防火墙,开启port:23
# vim /etc/sysconfig/iptables
修改后的文件内容如下:
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 20 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 23 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

5.  disable SELinux
# vim /etc/selinux/config
修改后的文件内容如下:

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
#     targeted - Targeted processes are protected,
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

6. # chkconfig --level 35 telnet on,重启机器。

7. 测试:telnet [IP地址] [Port]
除了测试 telnet 默认的port:23,telnet 还可以用来测试任意远程主机的任意端口是否开启。
例1:telnet 192.168.0.105 8080
Trying 192.168.0.105...
Connected to 192.168.0.105.
Escape character is '^]'.
表示IP地址为192.168.0.105的机器的8080 端口开启。

例2: telnet 192.168.0.105 7777
Trying 192.168.0.105...
telnet: connect to address 192.168.0.105: Connection refused
telnet: Unable to connect to remote host
表示IP地址为192.168.0.105的机器的7777 端口未开启。

参考文献:
1. http://woshixy.blog.51cto.com/5637578/1279126
2. http://zoulu1.blog.163.com/blog/static/46733149201252752125837

没有评论: