telnetd.1m (2010 09)
t
telnetd(1M) telnetd(1M)
A typical configuration may consist of one or more secure front-end systems and a
network of participating hosts. Users who have successfully logged onto the front-
end system may telnet directly to any participating system without being
prompted for another login.
-y Set the behavior for stty 0
to instruct telnetd to close the connection on the
shell command
stty 0 or whenever the telnet
client communicates with tel-
netd to arrive upon 0 baud rate for
TELOPT_TERMSPEED
.
-z This option allows users to set the
BUFFERTIMEOUT value. This option, when set,
informs
telnetd how long it should wait before timing out and flushing the con-
catenated user data to TCP. Note that the
TIMEOUT value is measured in clock
ticks (10 ms) and not in seconds. This option is set with integer values. There is no
specified default.
-E This option allows the erase character for the terminal to be echoed on screen at the
login prompt. The erase character can be set using the
stty command.
-TCP_DELAY This option allows the users to disable the
TCP_NODELAY socket option. When
telnetd is invoked with this option, small writes over
telnetd may concatenate
at the tcp level so that larger tcp packets are sent to the client at less frequent
intervals.
NOTE: Using the
-TCP_DELAY option with the -z and -s options is not recom-
mended.
To configure
telnetd to use the -TCP_DELAY option, the entry in /etc/inetd.conf
would be:
telnet stream tcp nowait root /usr/lbin/telnetd telnetd -TCP_DELAY
To work in the IPv6 environment using the -TCP_DELAY option, the entry in
/etc/inetd.conf
would be:
telnet stream tcp6 nowait root /usr/lbin/telnetd telnetd -TCP_DELAY
NOTE: tcp has changed to tcp6 for IPv6.
To configure
telnetd to have a BUFFERSIZE of 100 bytes and a BUFFERTIMEOUT
of 100 ticks, the
entry in
/etc/inetd.conf
would be:
telnet stream tcp nowait root /usr/lbin/telnetd telnetd -s100 -z100
To work in the IPv6 environment, the entry in /etc/inetd.conf
would be:
telnet stream tcp6 nowait root /usr/lbin/telnetd telnetd -s100 -z100
NOTE: tcp has changed to tcp6 for IPv6.
Kerberos-specific Options
In Kerberos mode,
inetd can start telnetd with the following lines in /etc/inetd.conf
:
telnet stream tcp nowait root /usr/lbin/telnetd telnetd -A
or
telnet stream tcp nowait root /usr/lbin/telnetd telnetd -a valid
The -A option is used to ensure that non-secure systems are denied access to the server. It overrides any
value specified with the -a option except when authmode is debug. See the sis (5) manpage.
The
-a authmode option specifies what mode is to be used for Kerberos authentication. See the sis(5)
manpage. Values for authmode are:
debug Activates authentication debugging.
valid Default value. Only allows connections when the remote user can provide valid Kerberos
authentication information and is authorized to access the specified account.
none Authentication information is not required. If no or insufficient Kerberos authentication
information is provided, the login program provides the necessary user verification.
See the login (1) manpage.
The
-f option instructs telnetd to use the normal authentication mode whenever the telnet client
communicates NULL type in the authentication option negotiation.
HP-UX 11i Version 3: September 2010 − 3 − Hewlett-Packard Company 3