Re: making telnet secure



Thanks Robert. I used port forwarding as a solution to secure telnet.
But now i am getting a problem in determining the source/client IP
address from which the telnet connection has originated. It always
shows source IP as as 127.0.0.1/localhost. Can anyone please suggest
me , if there is any way to determine the correct source IP.

Thanks and Best Regards,
Pavan

On Sat, Oct 18, 2008 at 1:37 AM, Robert Hajime Lanning
<robert.lanning@xxxxxxxxx> wrote:
On Fri, Oct 17, 2008 at 7:51 AM, Sudarshan Soma <sudarshan12s@xxxxxxxxx> wrote:
Thanks all for your valuable inputs.

My telnet server application has its own way of handling
authentication, commands supported,..
Hence i cant easily move to ssh. I know i can use SSH to use my own
authentication using PAM, but the other things such as commands
supported are all not easily done just by moving to ssh server.

Based on my requirements , i think tunelling(either stunnel or ssh
tuneling) is the best option to go with, if not please suggest any
other way you could think of?

With tunneling, Can i somehow avoid the client side setup of
specifying a non-standard port which will forward requests to sshd.

Can it be as easy as below: (I think its not possible, but i just want
to confirm that )

on the server:
- A tunneling port (7778) listens , which forward connections to my
application running at port 4050.

on the client:
use ssh to connect to port 7778. This will make the server port 7778
forward the connections to my application port 4050 and back in the
same way.

Please advice.

Best Regards,
Pavan.

This will be a complex setup on the client side, but this is how ssh
tunneling works.

Server:
sshd listens on port 22, and has a configuration to allow the specific
port forwarding you need.
Accounts the clients will login to need to have a shell that just
sleeps. (don't allow other commands to run)

Client:
You need to configure the port forwarding: (openssh)
ssh -N -L4050:localhost:4050 account@server-host
then on the client:
telnet localhost 4050

--
And, did Galoka think the Ulus were too ugly to save?
-Centauri




Relevant Pages

  • Re: RDC port change
    ... As for the SSH, I use SSh myself and for my clients where I can. ... There is a mac client, ... remote control...... ... By the way lol, the problem with the RDC port is fixed, it seems.... ...
    (microsoft.public.windowsxp.work_remotely)
  • Re: Disabling telnet on Linux iptables firewall
    ... the 'telnet' client takes a port number as an optional parameter, ... even if likely to not survive the next upgrade of the ... else or there own client. ...
    (comp.os.linux.security)
  • Re: I do not get ssh. Why is it more secure?
    ... I ask this because I will be needing to open SSH ... If you put your ssh server on port 12345, it will be free from attacks. ... ssh has a range of benefits over other remote solutions such as telnet or rsh. ... You can can store options for your ssh client for ports and other options, organised by server, which is very convenient if you need to connect to many servers. ...
    (comp.os.linux.misc)
  • Re: Secure / Encrypt Terminal Services
    ... SSH port forwarding should work. ... Then connect with your SSH client. ...
    (Focus-Microsoft)
  • Re: Where to go?
    ... Things are pretty open with Fibs. ... Fibs itself is a great place for the information, however run any telnet ... client and connect to fibs.com on port 4321. ... The thing about fibs is that all the clients do is act as a client around ...
    (rec.games.backgammon)