Temporarily opening up telnet

In some cases (such as updating OpenSSH) it may be desirable to open up telnet on a very limited basis. By running it under xinetd (with a file in /etc/xinetd.d) you get a log file as well, and it is very easy to disable afterwards.

Disable telnet

To disable the standard telnet daemon, enter chsubserver -d -v telnetd -p tcp. Then run netstat -ant |grep LISTEN to see which daemons are in a listening state, and ensure that telnet, telnetd or port 23 is not among them.

Create the configuration

First create the configuration file with vi /etc/xinetd.d/telnet and paste the following into it:

service telnet
{
	flags		= REUSE
	socket_type     = stream
	protocol        = tcp
	wait            = no
	user            = root
	server          = /usr/sbin/telnetd
	instances	= 10
	log_type	= FILE /var/log/telnetd.log
#	only_from	= 127.0.0.1
	log_on_success	= HOST PID USERID EXIT DURATION
	log_on_failure	= HOST ATTEMPT USERID
	disable		= NO
}

You can uncomment and modify the "only_from" line (it is commented out in the file above, so it has no effect as written) if you wish to limit access further. Next, find the PID of the xinetd process and send it a HUP signal so that it rereads its configuration. This can be done with the following command: ps -ef | grep '[x]inetd' | awk '{print "kill -HUP " $2}' | sh

Disable telnet via xinetd

After you are done with telnet (via xinetd) you can disable it with the following:

  • rm /etc/xinetd.d/telnet
  • ps -ef | grep '[x]inetd' | awk '{print "kill -HUP " $2}' | sh
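
To confirm the state before and after the maintenance window, the two checks described above (nothing listening on port 23, and whether the xinetd telnet entry is enabled and limited by only_from) can be scripted. This is an added example, not part of the original page; the function names telnet_listening and xinetd_telnet_state are hypothetical, and the netstat line is a constructed sample.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not from the original page.

# telnet_listening: reads `netstat -ant` output on stdin and succeeds (exit 0)
# if a socket is in LISTEN state on port 23. Accepts both the AIX local-address
# form "*.23" and the Linux form "0.0.0.0:23".
telnet_listening() {
    awk '$NF ~ /^LISTEN/ && $4 ~ /[.:]23$/ { found = 1 }
         END { exit(found ? 0 : 1) }'
}

# xinetd_telnet_state FILE: prints one of
#   absent      file does not exist (telnet not configured under xinetd)
#   disabled    "disable = yes" is set
#   open        enabled with no active only_from line
#   restricted  enabled with an uncommented only_from line
# It does not judge how wide the only_from range is.
xinetd_telnet_state() {
    [ -f "$1" ] || { echo absent; return 0; }
    awk '
        /^[ \t]*#/ { next }    # a commented-out only_from gives no protection
        $1 == "disable"   && $2 == "="         { dis = tolower($3) }
        $1 == "only_from" && $2 ~ /^[+-]?=$/ && $3 != "" { lim = 1 }
        END {
            if (dis == "yes") print "disabled"
            else if (lim)     print "restricted"
            else              print "open"
        }' "$1"
}

# Constructed sample line in AIX netstat format, not captured from a real host.
sample='tcp4       0      0  *.23                   *.*                    LISTEN'
if printf '%s\n' "$sample" | telnet_listening; then
    echo "sample: port 23 is listening"
fi
echo "config state: $(xinetd_telnet_state /etc/xinetd.d/telnet)"
```

On a live host, run netstat -ant | telnet_listening after the final HUP; a non-zero exit status means nothing is listening on port 23 any more.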