[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Authentication for telnet.

On Wed, Oct 02, 2019 at 09:45:12AM +0300, Reco wrote:
> On Tue, Oct 01, 2019 at 09:12:42PM -0700, peter@easthope.ca wrote:
> > peter@joule:~$ grep telnet /etc/inetd.conf
> > #<off># telnet	stream	tcp	nowait	root	/usr/sbin/tcpd	/usr/sbin/telnetd -a none -E /bin/bash
> > 
> > Not sure #<off># should be there.  Have yet to find an explanation for it.
> No, it should not be there because it disables telnetd this way. Hence
> aforementioned "echo" command above. 

And Debian disables telnetd this way because no sensible Linux
distribution would enable telnetd by default.

They gave you the rope and the instructions.  It's up to you to actually
tie the noose around your own neck.

Just delete the stupidly obvious this-line-is-commented-out-on-purpose
token, and then reload inetd.  If you don't know how to do those things,
or if you can't figure this out just by glancing at the configuration
file, then you have zero business fucking with telnetd.

Here, here's the source code showing the script that does this.


They didn't even bother putting a comment in the script, because it's
so bleedingly obvious to every single person reading this script why
they would insert the configuration line in a disabled state.

telnetd is INSECURE and SHOULD NOT BE USED unless you have an incredibly
good, specific, well-thought-out, EXPLICITLY STATED reason.

You have not stated ANY reasons for your requests.  NONE.  Despite MANY
people asking you to do so.  Despite REPEATED warnings.

So, I'm done with you.  I'm adding you to the same file that the
illustrious Mr. Owlett is in, so I never have to read your mangled,
nonsensical crap again.

Reply to: