In some cases (such as updating openssh) it may be desirable to open up telnet on a very limited basis. By using xinetd.d you also get a log file, and it is very easy to disable afterwards.
Disable telnet
To disable the standard telnet daemon, enter:

    chsubserver -d -v telnetd -p tcp

Then run:

    netstat -ant | grep LISTEN

to see which daemons are in a listening state. Ensure that telnet, telnetd or port 23 is not in a LISTENING state.
Create the configuration
First create the configuration file:

    vi /etc/xinetd.d/telnet

and paste the following into the file:

    service telnet
    {
        flags           = REUSE
        socket_type     = stream
        protocol        = tcp
        wait            = no
        user            = root
        server          = /usr/sbin/telnetd
        instances       = 10
        log_type        = FILE /var/log/telnetd.log
    #   only_from       = 127.0.0.1
        log_on_success  = HOST PID USERID EXIT DURATION
        log_on_failure  = HOST ATTEMPT USERID
        disable         = NO
    }
You can modify the “only_from” line if you wish to limit access further. Next, find the PID of the xinetd process and send it a HUP. This can be done with the following command:

    ps -ef | grep '[x]inetd' | awk '{print "kill -HUP " $2}' | sh
Disable telnet via xinetd
After you are done with telnet (via xinetd) you can disable it with the following:

    rm /etc/xinetd.d/telnet
    ps -ef | grep '[x]inetd' | awk '{print "kill -HUP " $2}' | sh
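
To confirm that nothing is still listening on port 23 after either disable step, the check below filters netstat output on the exact local port, so ports such as 2301 or 123 do not produce false hits the way a loose grep can. It is an added example, not part of the original procedure; the function names and the sample netstat lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: report sockets still listening on the telnet port.
# Reads `netstat -an`-style output on stdin and prints the matching lines.
# Assumes the local address is the 4th column, in AIX/BSD form
# (*.23, 10.0.0.5.23) or Linux form (0.0.0.0:23, :::23). The service
# name form (*.telnet), shown when -n is not used, is matched as well.
telnet_listeners() {
    awk '
        /LISTEN/ {
            n = split($4, part, "[.:]")   # split local address on "." or ":"
            port = part[n]                # text after the last separator
            if (port == "23" || port == "telnet") print
        }'
}

# Constructed sample output (not captured from a real host).
sample_netstat() {
    cat <<'EOF'
tcp4       0      0  *.22          *.*            LISTEN
tcp4       0      0  *.23          *.*            LISTEN
tcp4       0      0  *.2301        *.*            LISTEN
tcp        0      0  0.0.0.0:123   0.0.0.0:*      LISTEN
tcp6       0      0  :::23         :::*           LISTEN
tcp4       0      0  10.0.0.5.23   10.0.0.9.5112  ESTABLISHED
EOF
}

# Demonstration on the sample; on a live host use:
#   netstat -an | telnet_listeners
if sample_netstat | telnet_listeners | grep -q .; then
    echo "telnet is still listening:"
    sample_netstat | telnet_listeners
else
    echo "no telnet listener found"
fi
```

An empty result from `netstat -an | telnet_listeners` after removing /etc/xinetd.d/telnet and sending the HUP means the service is closed again.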