The Geek Diary

How to allow or deny telnet login to specific users only in CentOS/RHEL

by admin

Login for specific users can be allowed or denied through the file /etc/pam.d/remote. Other network services use the files /etc/pam.d/sshd or /etc/pam.d/password-auth to allow or deny access, whereas telnet uses the file /etc/pam.d/remote.

Denying telnet login to specific users

1. List the users you want to deny telnet login in the file /etc/user.deny.

# vi /etc/user.deny
user01
user02
user03

2. Add the following line to the /etc/pam.d/remote file to deny telnet login to the users listed in the /etc/user.deny file in step 1.

# vi /etc/pam.d/remote
auth   required  pam_listfile.so  item=user  sense=deny  file=/etc/user.deny  onerr=succeed

Allowing telnet login to specific users

1. To allow specific users, add the line below to the file /etc/pam.d/remote.

# vi /etc/pam.d/remote
auth   required  pam_listfile.so  item=user  sense=allow  file=/etc/user.deny  onerr=succeed

2. To allow telnet access to specific groups, add the line below to the file /etc/pam.d/remote.

# vi /etc/pam.d/remote
auth   required  pam_listfile.so  item=group  sense=allow  file=/etc/user.deny  onerr=succeed

Denying telnet login to specific groups

We can also deny specific groups. As with the settings above, add the line below to the file /etc/pam.d/remote.

# vi /etc/pam.d/remote
auth   required  pam_listfile.so  item=group  sense=deny  file=/etc/user.deny  onerr=succeed
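
Every rule above sets onerr=succeed, which decides what pam_listfile returns when it cannot read the list file. The shell function below is an added example, not part of the original article: it audits a PAM service file for list rules whose file is missing or world-writable and for allow-lists that fail open. The function name and the finding labels are made up for this example.

```shell
# Added example: audit pam_listfile rules in a PAM service file.
# Exit status: 0 = clean, 1 = findings printed, 2 = PAM file unreadable.
# The function name and finding labels are made up for this example.
audit_pam_listfile() (
    pam_file="${1:-/etc/pam.d/remote}"
    [ -r "$pam_file" ] || { echo "ERROR: cannot read $pam_file"; exit 2; }
    set -f      # no globbing while rule lines are split into tokens
    rc=0
    while read -r line || [ -n "$line" ]; do
        case "$line" in
            '#'*|'') continue ;;          # comment or blank line
            *pam_listfile.so*) ;;         # a rule to inspect
            *) continue ;;
        esac
        sense='' onerr='' list=''
        for tok in $line; do
            case "$tok" in
                sense=*) sense="${tok#sense=}" ;;
                onerr=*) onerr="${tok#onerr=}" ;;
                file=*)  list="${tok#file=}" ;;
            esac
        done
        if [ ! -f "$list" ]; then
            # onerr= decides the result when the list cannot be read
            if [ "$onerr" = succeed ]; then
                echo "MISSING-OPEN: $list absent, onerr=succeed passes every user"
            else
                echo "MISSING: $list absent, rule cannot be evaluated"
            fi
            rc=1
        elif [ -n "$(find -L "$list" -prune -perm -002)" ]; then
            echo "WRITABLE: $list is world-writable, any local user can edit it"
            rc=1
        fi
        if [ "$sense" = allow ] && [ "$onerr" = succeed ]; then
            echo "FAIL-OPEN: sense=allow with onerr=succeed on $list"
            rc=1
        fi
    done < "$pam_file"
    exit "$rc"
)

# Typical call on the file this article edits:
# audit_pam_listfile /etc/pam.d/remote
```

Run against the rules shown in this article, the two sense=allow lines are reported as FAIL-OPEN because they pair an allow-list with onerr=succeed.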

Troubleshooting telnet logins

Before troubleshooting telnet access from a remote server, first check whether telnet login works locally on the server.

# telnet localhost

You can also check whether iptables is filtering the telnet port.

# iptables -L -t filter

You can allow access to the telnet service through iptables using the command below.

# iptables -A INPUT -p tcp --dport 23 -j ACCEPT

Filed Under: CentOS/RHEL 5, CentOS/RHEL 6, CentOS/RHEL 7, Linux

© 2023 · The Geek Diary
