On Sun, 02 Nov 2008 05:34:19 +1030, Tim wrote: > On Sat, 2008-11-01 at 18:08 +0000, Beartooth wrote: >> Oho! Then all those who said "get rid of telnet" really >> *meant* "get rid of telnet-server." Right? > > Yes, but there's more to it than that. Having a telnet server is a > security risk. Using telnet over an open wire is a security risk (what > you type is not encrypted, so passwords can be snooped on, etc.). > > So, do not use telnet where you don't have to. But it's certainly a > useful tool to try and connect to some server to see what it responds > with. You can connect to a webserver, etc., using the telnet client, > and what you do is no riskier than using a web browser. Just don't type > confidential stuff when not encrypted. Aha : I used it only a little when I did use it (mainly just to do remote email at a provider that ran linux); I had no idea it could connect to any server but its own; knowing that helps a lot. Many thanks! >> So does that mean I should run "yum install telnet" on all >> machines? > > Only if you want to be able to use the telnet program on them to connect > to some server. Then for the time being, I guess, it should suffice to have only the client, only on the machine with the printer. It's installing now. >> With the server on none? > > I wouldn't install a telnet server anywhere. You don't need it, as > you've got plenty of other better options for remote accessing a > machine, such as SSH. It's not like we don't have better options that > we're forced to make do with telnet. It is a consolation not to be mistaken at all points, as Gandalf says to Gimli in the eaves of Fangorn. >> What responds to "telnet 192.168.a.b 631" on a machine with no telnet >> at all? > > A telnet server listens on port 23, by default. And you could log in > and have a remote shell through it. That must be what I did in the bad old W98 days, in order to be able to run Pine on a linux machine, before I had linux at home. I *think* I had a shell there; I certainly did in my last years working, when I ran OS/2 on my workstation, but Pine on an AIX machine in the basement. > Without that server, you can't do > *that*. But, you can use the telnet client to connect with other types > of servers (mail, HTTP, etc.), and those servers will be the thing that > responds. Some will be useable, some can't really be interacted with in > a useful manner. CUPS being one of the useful ones; that's all I'm likely to try for now, since I'm used to running ssh on the LAN at need. > If you telnet to port 631, it'll be the CUPS server that responds, if it > can (CUPS has to be working, and allowing connections over the network > that you're trying to access it). If I have a Firefox tab open to it, does that mean it's working? I suppose, after the changes I made (yesterday, I think) to the Trusted tab on the firewall, it should be. >> For that matter, what about "ssh 192.168.a.b 631" instead? I am at >> least relatively familiar with ssh. > > That's not going to work, as CUPS listening on port 631 won't know > anything about the SSL encryption that SSH uses, and there's a different > syntax for specifying non-default ports with SSH. > > Telnet is little more than a remote terminal over a network. Well, I made my living on one of those for years, cataloging foreign language materials into a library. This may be easier than I was beginning to expect. Many many thanks! ===== ===== ===== Oops! I just got this (edited slightly) : [btth@Hbsk2 ~]$ telnet 192.168.a.b 631 Trying 192.168.a.b... telnet: connect to address 192.168.a.b: No route to host [btth@Hbsk2 ~]$ ===== ===== ===== Fwiw, ssh from this machine to that one did work. -- Beartooth Staffwright, PhD, Neo-Redneck Linux Convert Remember I know precious little of what I am talking about. -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
