
The Geek Diary

How to allow or deny telnet login to specific users only in CentOS/RHEL

by admin

Telnet login can be allowed or denied for specific users through the PAM configuration file /etc/pam.d/remote. Other network services use the files /etc/pam.d/sshd or /etc/pam.d/password-auth to allow or deny access, whereas telnet uses /etc/pam.d/remote.

Denying telnet login to specific users

1. Add the users you want to deny telnet login to the file /etc/user.deny, one user name per line.

# vi /etc/user.deny
user01
user02
user03

2. Add the following line to the /etc/pam.d/remote file to deny telnet login to the users listed in the /etc/user.deny file in step 1.

# vi /etc/pam.d/remote
auth   required  pam_listfile.so  item=user  sense=deny  file=/etc/user.deny  onerr=succeed

Allowing telnet login to specific users

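1. To allow only specific users, add the line below to the file /etc/pam.d/remote. With sense=allow, the file named in file= acts as an allow list: users listed in it can log in and all other users are refused.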

# vi /etc/pam.d/remote
auth   required  pam_listfile.so  item=user  sense=allow  file=/etc/user.deny  onerr=succeed

2. To allow telnet access to specific groups, add the line below to the file /etc/pam.d/remote.

# vi /etc/pam.d/remote
auth   required  pam_listfile.so  item=group  sense=allow  file=/etc/user.deny  onerr=succeed

Denying telnet login to specific groups

We can also deny specific groups. As with the settings above, add the line below to the file /etc/pam.d/remote.

# vi /etc/pam.d/remote
auth   required  pam_listfile.so  item=group  sense=deny  file=/etc/user.deny  onerr=succeed
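
How the sense= and onerr= arguments in the lines above combine, as an added example that is not part of the original article: a simplified shell model of pam_listfile for item=user only. The helper name listfile_decision is hypothetical, the user list is a constructed temporary file, and the model covers only a missing or unreadable list file as the error case (onerr is assumed to default to fail when omitted).

```shell
#!/bin/sh
# Added example: simplified model of pam_listfile with item=user.
# listfile_decision is a hypothetical helper, not part of PAM.
# Usage: listfile_decision "<pam_listfile arguments>" <user>  -> permit | reject
listfile_decision() (
    set -f                      # no globbing while splitting the argument string
    user=$2 item= sense= file= onerr=fail   # assumption: onerr defaults to fail
    for tok in $1; do
        case $tok in
            item=*)  item=${tok#item=} ;;
            sense=*) sense=${tok#sense=} ;;
            file=*)  file=${tok#file=} ;;
            onerr=*) onerr=${tok#onerr=} ;;
        esac
    done
    if [ "$item" != user ] || [ -z "$file" ]; then
        echo unsupported; exit 2
    fi
    case $sense in allow|deny) ;; *) echo unsupported; exit 2 ;; esac
    # List missing or unreadable: onerr alone decides, the list is never consulted.
    if [ ! -r "$file" ]; then
        if [ "$onerr" = succeed ]; then echo permit; else echo reject; fi
        exit 0
    fi
    # One name per line, whole-line exact match.
    if grep -qxF -e "$user" "$file"; then listed=yes; else listed=no; fi
    case $sense:$listed in
        allow:yes|deny:no) echo permit ;;
        *)                 echo reject ;;
    esac
)

# Constructed sample list (same names as the article's /etc/user.deny).
demo=$(mktemp -d)
printf 'user01\nuser02\nuser03\n' > "$demo/user.list"

for args in \
    "item=user sense=deny file=$demo/user.list onerr=succeed" \
    "item=user sense=allow file=$demo/user.list onerr=succeed" \
    "item=user sense=allow file=$demo/missing onerr=succeed" \
    "item=user sense=allow file=$demo/missing onerr=fail"
do
    for u in user01 user09; do
        printf '%-8s %-7s %s\n' "$u" "$(listfile_decision "$args" "$u")" "${args#item=user }"
    done
done
rm -rf "$demo"
```

The third case is the one to watch: with sense=allow and onerr=succeed, a missing list file permits every user, so an allow list is safer with onerr=fail.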

Troubleshooting telnet logins

Before troubleshooting telnet access from a remote server, first check whether telnet login works locally on the server.

# telnet localhost

You can also check whether iptables rules are in effect for the telnet port.

# iptables -L -t filter

You can allow access to the telnet service through iptables using the command below.

# iptables -A INPUT -p tcp --dport 23 -j ACCEPT

Filed Under: CentOS/RHEL 5, CentOS/RHEL 6, CentOS/RHEL 7, Linux

© 2022 · The Geek Diary
