You can use the telnet service to communicate with another host using the telnet protocol. The telnet program runs on the local system and connects the local system to a host on the network. Using the telnet program, you can enter and execute commands on the remote host, similar to executing commands on the remote host’s console. To start a telnet session, you must log in to a server by entering a valid user name and password.
The telnet command has the following syntax:
telnet [[options] host [port]] |
If you invoke telnet without arguments, it enters the command mode, indicated by the prompt telnet>. If you invoke telnet with arguments, it performs an open command.
When a connection is opened, telnet enters input mode. The input mode is either character at a time or line by line, depending on what the remote system supports.
In the character at a time mode, the text typed is immediately sent to the remote host for processing. In the line by line mode, the entire text is echoed locally, and only the completed lines are sent to the remote host. You can turn off or turn on the local echo character (^E). In either mode, if the localchars toggle is set to TRUE, the user’s quit and intr characters are trapped locally, and sent as telnet protocol sequences to the remote side.
If, at any time, telnet is unable to read from or write to the server over the connection, the following error message is displayed on standard error, and telnet exits with a value of 1:
Connection closed by foreign host |
 |
Kerberos-Specific Options |
|
By default, the Kerberos version of telnet behaves as a client that supports authentication based on Kerberos. You can enable Kerberos authentication to telnet by using the -a or -l option. As a Kerberos client, telnet authenticates and authorizes a user to access the remote system. For more information on Kerberos authentication and authorization, type man 5 sis at the HP-UX prompt.
However, telnet does not support integrity checks and encrypted sessions. The default Kerberos options for the applications are set in the /etc/krb5.conf configuration file. You can set the -a, -f, and -F options under the appdefaults section in the /etc/krb5.conf file with the tag names autologin, forward, and forwardable, respectively. For more information on the appdefaults section, type man 4 krb5.conf at the HP-UX prompt.
You can also set the fallback option in the /etc/krb5.conf file within the appdefault section. If the fallback option is set to true and the Kerberos authentication fails, telnet uses the non-secure mode of authentication.
For detailed information on telnet, type man 1 telnet at the HP-UX prompt.
The telnetd Program |
|
The telnetd daemon executes a server that implements the telnet protocol as defined in RFC 854 (Telnet Protocol Specification). The Internet daemon, inetd, executes telnetd when it receives a service request at the port listed in the services database for telnet
telnetd operates in the following steps during a login process:
1. Allocates a telnet psuedo terminal, pty, /dev/pts/t* on the server to the telnet client. For more information, type man 7 pty at the command prompt.
2. Performs the telnet command processing on the master side of the pty and interacts with the telnet client using the telnet protocol to negotiate terminal input/output behavior for the client connection.
3. Creates a login process on the slave side of the allocated pty. The login prompt is displayed on the telnet client terminal standard output. The login process reads input on standard input. Errors are written to standard output.
When a TELNET session starts, telnetd sends TELNET options to the remote client indicating that the local client is ready for a remote connection. If the remote client is also ready, the remote terminal type is propagated in the environment created by the login process. The pseudo-terminal allocated to the local client is configured as a normal terminal for login with the exception of the echoing characters.
|
| |
|
 | NOTE: telnetd supports the Error Management Technology (EMT) toolset that provides an online, searchable repository of error messages. When telnetd displays an error message, you can search the repository for the respective cause and also obtain the appropriate action for the error message. |
|
| |
|
To start telnetd from the inetd daemon, you must add the following entry in the /etc/inetd.conf file:
In IPv4 mode:
telnet stream tcp nowait root /usr/lbin/telnetd telnetd |
In IPv6 mode:
telnet stream tcp6 nowait root /usr/lbin/telnetd telnetd |
After you add the necessary entry to the/etc/inetd.conf file, recompile inetd using the following command:
Now, inetd invokes telnetd with the service as specified in the /etc/inetd.conf file.
telnetd uses the /etc/hosts.equiv and .rhosts files to verify and authorize users in a telnet session. For more information, type man 4 hosts.equiv at the HP-UX prompt.
Printable version
