[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: CUPS, Alpine, and printserving



On Sat, 2008-11-01 at 18:08 +0000, Beartooth wrote:
>         Oho! Then all those who said "get rid of telnet" really
> *meant* "get rid of telnet-server." Right?

Yes, but there's more to it than that.  Having a telnet server is a
security risk.  Using telnet over an open wire is a security risk (what
you type is not encrypted, so passwords can be snooped on, etc.).

So, do not use telnet where you don't have to.  But it's certainly a
useful tool to try and connect to some server to see what it responds
with.  You can connect to a webserver, etc., using the telnet client,
and what you do is no riskier than using a web browser.  Just don't type
confidential stuff when not encrypted.

>         So does that mean I should run "yum install telnet" on all 
> machines?

Only if you want to be able to use the telnet program on them to connect
to some server.

> With the server on none?

I wouldn't install a telnet server anywhere.  You don't need it, as
you've got plenty of other better options for remote accessing a
machine, such as SSH.  It's not like we don't have better options that
we're forced to make do with telnet.

> What responds to "telnet 192.168.a.b 631" on a machine with no telnet
> at all? 

A telnet server listens on port 23, by default.  And you could log in
and have a remote shell through it.  Without that server, you can't do
*that*.  But, you can use the telnet client to connect with other types
of servers (mail, HTTP, etc.), and those servers will be the thing that
responds.  Some will be useable, some can't really be interacted with in
a useful manner.

If you telnet to port 631, it'll be the CUPS server that responds, if it
can (CUPS has to be working, and allowing connections over the network
that you're trying to access it).
> 
> For that matter, what about "ssh 192.168.a.b 631" instead? I am 
> at least relatively familiar with ssh.

That's not going to work, as CUPS listening on port 631 won't know
anything about the SSL encryption that SSH uses, and there's a different
syntax for specifying non-default ports with SSH.

Telnet is little more than a remote terminal over a network.

-- 
[tim localhost ~]$ uname -r
2.6.26.6-79.fc9.i686

Don't send private replies to my address, the mailbox is ignored.  I
read messages from the public lists.




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]