Raspberry Pi – Enabling Telnet

Raspberry Pi – Enabling Telnet

Posted on February 16, 2013 by ronald.nutter

In the next step in my series in using the Raspberry Pi for Network Engineers, I will cover the installation of Telnet on the RPi. Telnet is not secure and shouldn’t be used in a production environment unless there is no other choice. You start the process of installing Telnet by using the command sudo apt-get install telnetd. After Telnet has been installed, you will need to get the service starts. You can do it by using the command sudo /etc/init.d/openbsd-inetd restart or by rebooting the RPi.

Once you have the service ready, you can verify this by using the netstat -a command. You should see something like this from the RPi –

pi@raspberrypi:~$ netstat -a | grep telnet (with no telnet session on RPi active)
tcp 0 0 *:telnet *:* LISTEN

If you repeat the command with a telnet session active on the RPI, your should see this –

pi@raspberrypi:~$ netstat -a | grep telnet (with an active telnet session on RPi)
tcp 0 0 *:telnet *:* LISTEN
tcp 0 0 raspberrypi.loca:telnet 192.168.15.161:49610 ESTABLISHED

In a production environment, you should limit who can access the RPi via Telnet. You can do so with the /etc/hosts.allow file. Using this example (changing the ip address for the address of the workstation you are testing from) will block access to that workstation on Telnet –

add a line like this to /etc/hosts.allow to block a specific host –
in.telnetd : 192.168.15.161 : deny

Finding the name of the process to put in the hosts.allow file involved looking at the/var/log/syslog file to identify the running process involved. That is what told me that I needed to use in.telnetd instead of telnet or telnetd that I had first tried. Anytime that you make a change to the hosts.allow file, you will need to restart the inetd process – sudo /etc/init.d/openbsd-inetd restart.

If you want to allow only a specific workstation to get in via Telnet and block all others, you would use something like this –

in.telnetd : 192.168.15.162 : allow
in.telnetd : 192.168.15. : deny

Using only 192.168.15. acts like a wildcard and blocks all workstations that didn’t match on the earlier rule.

If you want to remove Telnet, you will use sudo apt-get remove telnet.

To see more of my posts about the Raspberry Pi, please go tohttp://www.ronnutter.com/category/raspberry-pi/