CentOSRHEL Based

How To Install Telnet on CentOS Stream 10

r00t

Install Telnet on CentOS Stream 10

Telnet has long been a staple in the world of network communications, allowing administrators to log in to remote systems and test or manage services across different environments. Even though Telnet has been superseded by more secure protocols—such as SSH—there are still use cases, particularly in closed or legacy environments, where Telnet offers a functional and straightforward solution. This guide focuses on installing Telnet on CentOS Stream 10 with detailed, step-by-step instructions. You will also learn how to configure it properly, secure it to the extent possible, and troubleshoot common issues that might arise along the way.

Introduction

Telnet offers a plaintext method for connecting to remote machines. It dates back to earlier days of computing, where secure communication methods were not as critical in certain internal networks. Over time, secure alternatives like SSH have taken center stage for remote administration. However, Telnet remains popular in certain legacy systems, specialized network configurations, or labs where plaintext communication is sufficient.

In this guide, we will emphasize:

  • Full instructions for installing and enabling Telnet functionality on CentOS Stream 10.
  • The importance of security measures when working with Telnet.
  • Real-world steps for troubleshooting potential pitfalls.
  • Additional resources and preventive best practices for safe usage.

Whether you need Telnet for testing services on your local network, managing old routers, or connecting to legacy systems, this tutorial will help you deploy and configure it comprehensively on CentOS Stream 10. Let’s begin by exploring the prerequisites.

Prerequisites

Before diving into the installation process, ensure the following prerequisites are met:

  1. Root or Sudo Privileges: You will need administrative rights to install packages and modify the system configuration.
  2. Reliable Network Connectivity: Telnet requires network communication via port 23 by default. Make sure your system has a stable network connection, and that any firewalls along the path can allow Telnet traffic.
  3. Basic Command-Line Knowledge: Familiarity with basic Linux commands and text editors (like vi or nano) is beneficial for configuring and verifying Telnet.
  4. Updated System: While not strictly mandatory, having your operating system fully up-to-date ensures that no underlying system conflicts or missing dependencies cause installation issues.

With these items ready, you can proceed to the installation and Telnet setup on CentOS Stream 10. Next, we will cover how to prepare your system so that the process unfolds smoothly.

System Preparation

System preparation is a crucial part of ensuring that the packages and dependencies required for Telnet install properly. During this phase, you will make sure your repositories are updated, retrieve all needed package information, and verify that your server or local machine can handle the installation workload. Below are detailed instructions:

Update System Packages

Maintaining consistency and ensuring you have the latest stable versions of software is crucial to preventing conflicts. Begin by updating and refreshing the system repositories:

sudo dnf update -y

This command fetches the latest package lists and security patches from the CentOS Stream 10 repositories. The -y flag automatically accepts changes. Once this process completes, your system will be in the best state for package installations.

Verify Repository Integrity

Occasionally, certain mirrors or repositories might be disabled by default or might have connectivity issues. Confirm the status of enabled repositories:

dnf repolist all

If you notice any repository that is disabled and required for Telnet, enable it accordingly by editing the associated repo file under /etc/yum.repos.d/. This ensures your system can access all the necessary packages and dependencies for Telnet.

Reboot If Necessary

In some cases—particularly when you have installed new kernels or carried out major updates—a reboot might be advisable to ensure all changes take effect. Rebooting is optional but can help you start from a pristine environment if you suspect conflicts from older versions or incomplete updates:

sudo reboot

After this preliminary preparation, you are ready to move on to the installation process for Telnet on CentOS Stream 10.

Installation Process

Telnet packages in CentOS Stream 10 generally come as two separate components: a Telnet client and a Telnet server. Selecting which components to install depends on your use case. If you only want to initiate Telnet connections to other machines, you only need the client. If you intend to allow remote Telnet connections into your CentOS system, installing the server package is essential. This section walks you through both scenarios.

Installing the Telnet Client

Use the following command to install the Telnet client on CentOS Stream 10:

sudo dnf install telnet -y

This command checks for the telnet package in the repositories, fetches it, and installs it on your system. The Telnet client is sufficient for:

  • Testing open network ports on remote hosts.
  • Connecting to networking hardware that still relies on Telnet-based interfaces.
  • Simple text-based interactions with remote services.

To verify the Telnet client installation, run:

telnet --version

The command might not print a version in the same manner as modern software. If no error appears, or you see the usage instructions, the Telnet client has successfully installed.

Installing the Telnet Server

The Telnet server allows other hosts to initiate a Telnet connection into your CentOS Stream 10 machine. Installing it is equally straightforward:

sudo dnf install telnet-server -y

Depending on your system, you might also need xinetd, a super-server daemon that manages several Internet-based services:

sudo dnf install xinetd -y

While some configurations handle Telnet through the socket-activation system by default, others rely on xinetd. If you are working on older or more traditional CentOS-based systems, installing xinetd can ensure compatibility.

Configuration Steps

After installing the Telnet client or server, you should configure the environment to ensure it functions correctly and securely. This involves starting and enabling services, adjusting firewall rules for port 23, and verifying connections. Below are detailed steps for configuring Telnet on CentOS Stream 10.

Service Configuration

If you installed the Telnet server, it is essential to ensure the service starts automatically. Typically, Telnet on modern CentOS Stream versions uses the socket-based activation. However, if you are specifying usage through xinetd, you will need to edit /etc/xinetd.d/telnet to enable the service.

Follow these steps to enable Telnet in xinetd:

  1. Open the Telnet configuration file with your favorite text editor: 
    sudo nano /etc/xinetd.d/telnet
  2. Locate the line that says disable = yes and change it to disable = no.
  3. Save and exit.
  4. Restart xinetd and ensure it starts on boot: 
    sudo systemctl enable xinetd
sudo systemctl start xinetd

These commands will load the Telnet service under the management of xinetd each time your CentOS Stream 10 system starts. Alternatively, if you want to rely on systemd socket activation, check that the telnet.socket or vtl-telnet.socket file is enabled. The service name can differ, but the concept remains the same: ensuring that Telnet is allowed to accept inbound connections.

Firewall Configuration

By default, Telnet uses TCP port 23. Modern firewall configurations often block service ports by default to limit exposure. You must explicitly allow inbound Telnet connections if you wish to run a Telnet server:

sudo firewall-cmd --permanent --add-port=23/tcp
sudo firewall-cmd --reload

The first command opens port 23, which Telnet uses for inbound traffic, while the second command reloads the firewall rules. If you do not open this port, remote hosts will be unable to reach your Telnet server.

SELinux Considerations

CentOS Stream 10 continues to use SELinux (Security-Enhanced Linux) to enforce stricter access controls. If your system uses SELinux in enforcing mode, you may need to set the appropriate SELinux boolean to allow Telnet. You can check SELinux booleans with:

getsebool -a | grep telnet

If required, you can enable any relevant boolean with a command like:

sudo setsebool -P allow_telnet_server on

Adjusting SELinux booleans ensures that SELinux does not prevent inbound or outbound Telnet connections. Always confirm that you are only toggling the relevant booleans necessary for your usage scenario.

Testing and Verification

Once the installation and configuration steps are complete, your next step is verifying that Telnet functions as planned. Testing not only confirms the system is ready for use, but also helps detect any potential conflicts or misconfigurations early.

Connection Testing from the Local Machine

A fundamental way to test Telnet functionality is by attempting to connect to localhost. This test checks whether the Telnet server is active and listening on port 23. Run:

telnet localhost 23

If successful, you’ll either see a prompt for login credentials or be greeted with some form of a banner message. If it fails, verify that the Telnet service is running and that no local firewall rules are blocking port 23.

Remote Connection Testing

To confirm external connectivity, run the following command from a different system on the same network:

telnet <server-ip-or-hostname> 23

If you see a login message, your Telnet server is functioning correctly and is accessible to remote hosts. If it fails, investigate potential firewall or SELinux restrictions, ensure the Telnet service is running, and confirm correct IP addressing.

Service Checking and Logs

If connections fail, check the system logs to pinpoint potential issues. The journalctl command can be particularly helpful:

sudo journalctl -u xinetd

Look for lines that reference Telnet or potential SELinux denials. This step-by-step approach quickly isolates common configuration oversights.

Security Considerations

Telnet transmits data in plaintext, meaning usernames, passwords, and session activity are exposed in an unencrypted form. In modern networks—especially those connected to the internet—this is a significant risk. However, if you absolutely must use Telnet, you can mitigate risks by following best practices:

Network Isolation

Only allow Telnet within fully trusted and isolated environments. For instance, it is common to see Telnet used within a private lab or a dedicated VLAN with restricted outbound internet traffic. Minimizing exposure to the public internet drastically reduces the risk of session hijacking and password theft.

Access Control and Authentication

Use strong passwords on accounts accessible through Telnet. Limit the user accounts with Telnet access to only those absolutely necessary. If your system supports it, consider integrating Telnet with centralized authentication systems or employing strict user management policies to ensure accountability.

Prefer SSH Whenever Possible

SSH is the de facto standard for secure remote access. It encrypts all traffic and offers robust mechanisms like public key authentication. Consider using Telnet only where SSH is impractical or impossible. Should you need advanced capabilities, such as file transfers or remote port forwarding, SSH is the safer and more modern solution.

Common Use Cases

Telnet may not enjoy the same popularity it once did, but it still finds a home in several niche scenarios:

  1. Network Troubleshooting: Administrators often use Telnet to verify if services on specific ports are responding. For instance, testing HTTP on port 80 or an SMTP service on port 25 can be quickly done by Telnet to see if the server responds with the correct protocol banner.
  2. Legacy System Management: Older networking gear or legacy servers might only offer Telnet access lacking the hardware or software to support SSH.
  3. Quick Device Configuration: Some embedded systems or development boards might still rely on Telnet for initial setup, especially if they run minimal Linux distributions without SSH by default.

These use cases underscore Telnet’s continued relevance in specific environments, even as modern security demands push administrators toward more secure options.

Troubleshooting Guide

Even after following the steps above, you may encounter issues that prevent Telnet from functioning as intended on CentOS Stream 10. Here are some of the most common pitfalls and how to fix them:

  • Connection Refused: This usually indicates that the Telnet server is not running, a firewall is blocking port 23, or SELinux restrictions are in place. Verify with systemctl status xinetd and confirm firewall-cmd rules.
  • Cannot Resolve Hostname: DNS problems or incorrect entries in /etc/resolv.conf can cause name resolution to fail. Test using the IP address or fix your DNS setup.
  • Authentication Failure: Either the account or the password is incorrect, the user is disabled for Telnet logins, or an SELinux boolean is preventing remote logins. Check logs in journalctl -u xinetd or /var/log/secure for further detail.
  • Service Not Listening on Port 23: Check that telnet-server is installed, xinetd is running, and the Telnet configuration file is not set to disable = yes.

When in doubt, logs are your best friend. Using journalctl or examining the /var/log directory can help pinpoint errors that are not apparent on the surface.

Additional Tips and Best Practices

By applying the following best practices and tips, you can enhance management and efficiency when dealing with Telnet on CentOS Stream 10:

  1. Backup Configuration Files: Whenever you modify /etc/xinetd.d/telnet or firewall stock settings, create backups of the original file. This practice allows you to revert to known working configurations if new changes introduce issues.
  2. Monitor Connections: Use commands like netstat -tulpn | grep telnet or ss -tulpn | grep 23 to see if Telnet is actively listening on the correct port.
  3. Establish Thorough Auditing: Configure auditing to log all Telnet login attempts, successful or not. This helps you track unauthorized attempts on port 23, especially if you operate in a more open or complex network environment.
  4. Restrict Access by IP: Use firewall rules or /etc/hosts.allow and /etc/hosts.deny to restrict which hosts can access your Telnet server. This is an extra layer of defense beyond simply enabling a port in the firewall.
  5. Periodic Security Scans: Periodically run vulnerability scans on your system to ensure new vulnerabilities are not introduced or overlooked, especially since Telnet’s plaintext nature can become an attack vector if improperly secured.

These tips complement the fundamental steps outlined above and help maintain a stable, secure, and well-documented environment for your Telnet deployments.

Congratulations! You have successfully installed Telnet. Thanks for using this tutorial for installing the Telnet on your CentOS Stream 10 system. For additional or useful information, we recommend you check the official Telnet website.

VPS Manage Service Offer
If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal!
Tags
r00t
Photo of r00t

r00t

r00t is an experienced Linux enthusiast and technical writer with a passion for open-source software. With years of hands-on experience in various Linux distributions, r00t has developed a deep understanding of the Linux ecosystem and its powerful tools. He holds certifications in SCE and has contributed to several open-source projects. r00t is dedicated to sharing her knowledge and expertise through well-researched and informative articles, helping others navigate the world of Linux with confidence.
Copyright © 2025 idroot.us | All Rights Reserved.
Back to top button