Page 2
Configure FTP
Page 3
Telnet is used to communicate with a host through the telnet protocol on default port 23.
It operates on a client/server basis. The client requires an account on the server to log in.
Most telnet servers will not allow you to log in as root, for security reasons. You can
log in as a normal user and su to root.
Page 4
Why do people still use it?
- telnet can be used for debugging text-based protocols: HTTP, SMTP and POP
Page 5
When a user has a .telnetrc file in their home directory, telnet will execute the
commands listed in this file.
    # this is a comment
    saigonctt send ayt
    DEFAULT environ export USER
Page 6
telnet [IP address|host name] [port]
If telnet is executed without options, it starts in command mode with the prompt
"telnet>".
After connecting, you can switch to command mode with "Ctrl-]".
Page 7
?, h, help           Lists commands with description
<command> ?          More information on a command (arg)
open <IP address>    Open connection to the IP address or host name
close = quit         Terminates connection from client
logout               Requests server to terminate the connection
send                 Send a special character sequence to the server
status               A brief status report of telnet
…
(See # man telnet for more commands)
Page 8
There are 3 programs:
Page 9
rlogin : similar to telnet
    rlogin [-l username] <hostname>
rsh : executes a command on the remote host
    rsh [-l username] <hostname> <cmd>
Shell meta-characters can be used in <cmd>. To have rsh
interpret the meta-characters on the remote machine, put
quotation marks around them. If they are not quoted,
meta-characters are interpreted on the local machine:
    # rsh -l minh saigonctt "cat ~/file" > local_file
    # rsh -l minh saigonctt "cat ~/file" ">" remote_file
Page 10
rcp : copies files between machines
    rcp <dir> <remote username>@<hostname>:<dir>
    rcp <remote username>@<hostname>:<dir> <dir>
Page 11
Authentication for rlogin, rsh and rcp centers around the idea of trusted users
and hosts, NOT password authentication.
• Trusted hosts are also known as equivalent hosts
• If NO hosts.equiv is present, NO hosts are trusted
• The .rhosts file is used to control access to an
individual user account
• It grants/denies password-free access to an individual
user account by means of .rhosts
but rhosts does
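The trust model above can be audited by reading the files it relies on. The following Python sketch is an added example, not part of the original slides: it lists every entry in a hosts.equiv or .rhosts file and marks the ones that grant password-free access. The `+` wildcard, the `-` deny prefix and `#` comments are assumptions taken from the hosts.equiv(5) manual page, and the sample file is constructed.

```python
# Added example: audit rlogin/rsh/rcp trust files (hosts.equiv, .rhosts).
# Assumption: entry syntax "[+|-]host [[+|-]user]" with "#" comments, as in hosts.equiv(5).

# Constructed sample; saigonctt and minh are the page's names, the rest is made up.
SAMPLE_HOSTS_EQUIV = """\
# trusted hosts
saigonctt
backup01 minh
+
-oldhost
"""


def parse_trust_entries(text):
    """Yield (lineno, host, user) for every entry; user is None when absent."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if fields:
            yield lineno, fields[0], fields[1] if len(fields) > 1 else None


def audit_trust_file(text):
    """Return (lineno, severity, message) for each entry in a trust file."""
    findings = []
    for lineno, host, user in parse_trust_entries(text):
        if host.startswith("-") or (user or "").startswith("-"):
            entry = " ".join(f for f in (host, user) if f)
            findings.append((lineno, "info", f"explicit deny: {entry}"))
        elif host == "+":
            findings.append((lineno, "critical", "every host is trusted"))
        elif user == "+":
            findings.append((lineno, "critical", f"every user on {host} is trusted"))
        else:
            who = user or "the same-named user"
            findings.append((lineno, "review", f"no password needed for {who} from {host}"))
    return findings


if __name__ == "__main__":
    for lineno, severity, message in audit_trust_file(SAMPLE_HOSTS_EQUIV):
        print(f"line {lineno}: [{severity}] {message}")
```

An empty or absent file yields no findings, which matches the rule that no hosts are trusted when hosts.equiv is missing.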
Page 12
Everything SSH sends across the network is encrypted.
SSH has become the de facto standard for remote connection.
SSH can handle X connections.
Page 13
Arbitrary TCP/IP ports can be redirected
through the encrypted channel in both directions.
For forwarding, ssh captures on port 6010.
Optional compression of all data with gzip.
Complete replacement for rlogin, rsh, rcp.
Page 14
authentication keys)
ssh-agent               Authentication agent, used to hold RSA keys for authentication
agent
make-ssh-known-hosts    Used to create the /etc/ssh/ssh_known_hosts file
Page 16
ssh-keygen2     The utility for generating keys
ssh-agent2      Authentication agent, used to hold RSA keys for authentication
ssh-add2        Adds an identity to the authentication agent
ssh-askpass2    X11 utility for querying the password
Page 17
SSH has been 98% rewritten.
Supports other key-exchange methods
besides RSA: Diffie-Hellman key exchange.
Supports DSA and other public key
algorithms besides RSA.
Page 18
More secure, and allows integration into
public key infrastructures.
Supports "subsystems",
platform-independent modules, built-in SOCKS, …
Page 19
For legal reasons, SSH is not included by default in Linux. You can download and install it from source code or from OpenSSH.
OpenSSH suite includes :
• ssh (replaces telnet and rlogin)
• scp (replaces rcp)
• sftp (replaces ftp)
Page 20
Client : openssh-clients-xxx.rpm
(ssh, ssh_config, sftp, …)
Additional tools : openssh-xxx.rpm
(scp, ssh-keygen, …)
Page 21
as comment. Keywords are case sensitive:
Page 22
All Linux distributions offer the wu-ftpd
program, which is the ftp daemon developed at Washington University.
wu-ftpd is the most common daemon on
the Internet.
Page 24
Its main configuration file:
    class all real,guest,anonymous *
    loginfails 5
    message /welcome.msg login
    message .message cwd=*
    compress yes all
    tar yes all
    chmod no guest,anonymous
    delete no anonymous
    rename no anonymous
    …
Page 26
lp mail news uucp
…
Page 27
ProFTPD is another powerful ftp server, not as popular
as wu-ftpd but easier to configure and more secure.
It can run as a stand-alone server or from
inetd.
Relevant files:
    /usr/sbin/in.proftpd : server daemon
    /etc/proftpd.conf : main configuration file