accessing my linux box via telnet

Andor Demarteau andor at nl.linux.org
Thu May 3 14:53:07 UTC 2007 

On Thu, 3 May 2007, Tim Chase wrote:

 > There are a couple factors that play into an answer, so to answer the
 > question one would need to know:
 > 
 > 1) do you have to use telnet, or can you use ssh?  Using SSH is much
 > preferred because it encrypts your password over the network unlike telnet
 > which sends it in plain-text over the wire.  MUCH preferred.  Telnet might be
 > fine for a fixed server of data such as a weather server, IRC, or a MUD where
 > there's no password to be sent.  So unless there's some overly compelling
 > reason to use telnet (such as perhaps ssh/putty not being accessible to a
 > screen reader, or severe lock-down of the guest machine preventing you from
 > installing putty or the cygwin ssh utilities) I strongly recommend SSH
 > instead.
even if you can't use ssh/putty, don't use telnet for login-sessions at 
all.
better not to access the box in question over telnet if ssh is not 
available then severaly compromising security by using telnet.
it's not only the encryption of the ssh/password exchagne, but the hole 
connection in fact.

 > 2) is your PC behind a hardware router/firewall?  If so, you likely have a
 > private IP address of the form 192.168.x.y and a public/external IP address.
 > You can find your internal IP address with the "ifconfig" command.  You can
 > find your external IP address by browsing to www.whatsmyip.org.  If the two
 > numbers aren't the same, there are more hoops to jump through.
 true but if you tlak about the client it will most likely not be a 
problem.\if it is the serverside, you need to do a portforwarding on the 
router in which case you need some tweaking there.

 > 3) is your guest machine also on your same home network, or are you accessing
 > it from outside your LAN?
 if on the same network and you are the only nerd on it :) telnet is fine
thatis IF AND ONLY IF the network is cabled and NOT wireless in which case 
the same objections on telnet apply as using it over the big and evil 
internet :)

 > If the answer to #3 is that you're just on your home network, it obviates
 > most of the problems with telnet vs. ssh and doesn't need reconfiguration of
 > your router/firewall.
 > 
 > The simple answer to #1 is that you can start either the sshd or the telnetd
 > program either on startup or you can manually start them (or both, so you
 > don't have to reboot, but it will come up the next time you boot).
 > Alternatively, they can be started on demand via the inetd superserver.
 > Depending on your distro, there may be a spiffy interface for this sorta
 > thing.  I think when I installed the openssh package under Debian, it asked
 > if I wanted sshd to run on startup, and I answered yes.
 > 
 > As to the second question, if you're not behind a router/firewall, you're
 > good to go.
 > 
 > If you *are* behind a router/firewall, you have to configure it to take
 > incoming traffic on the associated port (22 for ssh, 23 for telnet) and
 > forward it to the same port on your machine.
 > 
 > This usually involves specifying that the router/firewall assign a fixed IP
 > address to your machine based on its MAC address. This is helpful so it knows
 > where to forward traffic and so it prevents other private IP addresses from
 > being assigned to your box.
 > 
 > You then have to use your router's configuration tools to set up port
 > forwarding.  These days, most of them allow you to browse to
 > http://192.168.0.1 or http://192.168.1.1 (though you might have to use
 > "https" instead of "http").  Each router's configuration software is
 > different.  However, you'd be poking around for a "port fowarding" or "NAT"
 > ("network address translation") option.  You configure traffic coming from
 > external port 22/23 to go to the same port on your internal machine
 > (identified by its static IP address).
 > 
 > Hope this helps,
 > 
 > -tim
 > 
 > 
 > 
 > _______________________________________________
 > Blinux-list mailing list
 > Blinux-list at redhat.com
 > https://www.redhat.com/mailman/listinfo/blinux-list
 > 
 > 

-- 
Andor Demarteau                 E-mail: andor at nl.linux.org
student computer science        www: http://www.nl.linux.org/~andor
UU based & VU guest-student     jabber,icq,msn,voip: do ask ;)
-----------
chairman Stichting Studiereizen Storm 2002-2004
vice-chairman USF Studentenbelangen executive committee 2002-2003

More information about the Blinux-list mailing list