Re: making telnet secure

From: Bob Rasmussen <ras@xxxxxxxxx>
Date: Wed, 12 Nov 2008 09:31:41 -0800 (PST)

On Wed, 12 Nov 2008, Sudarshan Soma wrote:

Thanks Robert. I used port forwarding as a solution to secure telnet.
But now i am getting a problem in determining the source/client IP
address from which the telnet connection has originated. It always
shows source IP as as 127.0.0.1/localhost. Can anyone please suggest
me , if there is any way to determine the correct source IP.

That is accurate; the telnet daemon is receiving its connection from
"localhost", that is the same machine.

You probably need to rethink how your application identifies who the
clients are and where they come from. Relying on their IP address has
problems in many scenarios, not just this one, such as with Network
Address Translation. You can identify sessions by username, by a custom
TERM variable, by a terminal answerback prompt, etc.

Much will depend on the capabilities of the telnet client you are using.
Our clients (Anzio Lite and AnzioWin) can be queried for their local
machine name, their MAC address, their local IP address, and several other
identifying variables.

If you will explain how you need to use this information, I can offer
other suggestions. If this becomes unrelated to SSH, feel free to contact
me off-list.

Regards,
....Bob Rasmussen, President, Rasmussen Software, Inc.

personal e-mail: ras@xxxxxxxxx
company e-mail: rsi@xxxxxxxxx
voice: (US) 503-624-0360 (9:00-6:00 Pacific Time)
fax: (US) 503-624-0760
web: http://www.anzio.com
street address: Rasmussen Software, Inc.
10240 SW Nimbus, Suite L9
Portland, OR 97223 USA

Follow-Ups:
- Re: making telnet secure
  - From: Preston Connors

References:
- Re: making telnet secure
  - From: Sudarshan Soma

Prev by Date: Re: making telnet secure
Next by Date: utmp inconsistency between versions -- FreeBSD 7.1-PRELEASE (OpenSSH_5.1p1 FreeBSD-20080901, OpenSSL 0.9.8e 23 Feb 2007) vs. Mac OS/X 10.5.5 (OpenSSH_5.1p1, OpenSSL 0.9.7l 28 Sep 2006)
Previous by thread: Re: making telnet secure
Next by thread: Re: making telnet secure
Index(es):
- Date
- Thread

Relevant Pages

Re: COM link via telnet.
... > I must open an telnet connection and within that connection I must run a ... > access the device via COM1! ... It isn't that you want Telnet to do this, ... >>>can not stop it or kill kermit. ...
(microsoft.public.windows.server.networking)
Re: telnet immediatelly timesout if run from cron
... open a telnet connection, and wait for it to timeout ... when I run the same thing from a cron! ... Maybe you should post the interesting parts of your script. ...
(comp.unix.shell)
Re: scripting a telnet session to VMS
... all I am receiving back from the ... telnet connection is "?? ... won't do and it's waiting for you to tell it the same. ... That's pretty low-level handshaking to just establish and automate a TELNET ...
(comp.os.vms)
Re: Checking for connectivity
... > I am using tcl/expect for windows to telnet to a linux box, ... > script works great if the telnet connection to the host is active. ...
(comp.lang.tcl)
Re: How safe am I?
... >>clients, let's say ANY Openssh. ... >>spoofed by a hacker, and if successful, would said hacker ... >>to telnet instead of openssh - would also require a hacker ...
(comp.security.ssh)