CUPS, Alpine, and printserving
Beartooth
Beartooth at swva.net
Sat Nov 1 19:40:21 UTC 2008
On Sun, 02 Nov 2008 05:34:19 +1030, Tim wrote:
> On Sat, 2008-11-01 at 18:08 +0000, Beartooth wrote:
>> Oho! Then all those who said "get rid of telnet" really
>> *meant* "get rid of telnet-server." Right?
>
> Yes, but there's more to it than that. Having a telnet server is a
> security risk. Using telnet over an open wire is a security risk (what
> you type is not encrypted, so passwords can be snooped on, etc.).
>
> So, do not use telnet where you don't have to. But it's certainly a
> useful tool to try and connect to some server to see what it responds
> with. You can connect to a webserver, etc., using the telnet client,
> and what you do is no riskier than using a web browser. Just don't type
> confidential stuff when not encrypted.
Aha : I used it only a little when I did use it (mainly just to
do remote email at a provider that ran linux); I had no idea it could
connect to any server but its own; knowing that helps a lot. Many thanks!
>> So does that mean I should run "yum install telnet" on all
>> machines?
>
> Only if you want to be able to use the telnet program on them to connect
> to some server.
Then for the time being, I guess, it should suffice to have only
the client, only on the machine with the printer. It's installing now.
>> With the server on none?
>
> I wouldn't install a telnet server anywhere. You don't need it, as
> you've got plenty of other better options for remote accessing a
> machine, such as SSH. It's not like we don't have better options that
> we're forced to make do with telnet.
It is a consolation not to be mistaken at all points, as Gandalf
says to Gimli in the eaves of Fangorn.
>> What responds to "telnet 192.168.a.b 631" on a machine with no telnet
>> at all?
>
> A telnet server listens on port 23, by default. And you could log in
> and have a remote shell through it.
That must be what I did in the bad old W98 days, in order to be
able to run Pine on a linux machine, before I had linux at home. I
*think* I had a shell there; I certainly did in my last years working,
when I ran OS/2 on my workstation, but Pine on an AIX machine in the
basement.
> Without that server, you can't do
> *that*. But, you can use the telnet client to connect with other types
> of servers (mail, HTTP, etc.), and those servers will be the thing that
> responds. Some will be useable, some can't really be interacted with in
> a useful manner.
CUPS being one of the useful ones; that's all I'm likely to try
for now, since I'm used to running ssh on the LAN at need.
> If you telnet to port 631, it'll be the CUPS server that responds, if it
> can (CUPS has to be working, and allowing connections over the network
> that you're trying to access it).
If I have a Firefox tab open to it, does that mean it's working?
I suppose, after the changes I made (yesterday, I think) to the Trusted
tab on the firewall, it should be.
>> For that matter, what about "ssh 192.168.a.b 631" instead? I am at
>> least relatively familiar with ssh.
>
> That's not going to work, as CUPS listening on port 631 won't know
> anything about the SSL encryption that SSH uses, and there's a different
> syntax for specifying non-default ports with SSH.
>
> Telnet is little more than a remote terminal over a network.
Well, I made my living on one of those for years, cataloging
foreign language materials into a library. This may be easier than I was
beginning to expect. Many many thanks!
===== ===== =====
Oops! I just got this (edited slightly) :
[btth at Hbsk2 ~]$ telnet 192.168.a.b 631
Trying 192.168.a.b...
telnet: connect to address 192.168.a.b: No route to host
[btth at Hbsk2 ~]$
===== ===== =====
Fwiw, ssh from this machine to that one did work.
--
Beartooth Staffwright, PhD, Neo-Redneck Linux Convert
Remember I know precious little of what I am talking about.
More information about the fedora-list
mailing list