This tutorial explains how to change the telnet server port number on CentOS 7 / RHEL 7. We will keep SELinux in enforcing mode and change the default port number 23 to another port number. We assume you have already installed the telnet server on CentOS 7 / RHEL 7.

Task: Change the telnet server's default port number 23 to another port number.

IMPORTANT NOTE: Always select a port number greater than 1024 that is not assigned to any running application.

We will change the telnet default port 23 to 2323.

Change Telnet Server Port Number

Follow the steps below to change the telnet server port number.

1. Take a backup of telnet.socket:

First, take a backup of the file telnet.socket.

cp -p /usr/lib/systemd/system/telnet.socket /root/telnet.socket.`date +%F`

2. Install policycoreutils-python:

To get the semanage command, install the policycoreutils-python package.

yum install policycoreutils-python

3. Add custom telnet port number 2323 in SELinux

Use the command below to add port number 2323 for the telnet service in SELinux.

semanage port -a -t telnetd_port_t -p tcp 2323

Check the status with the command below.

semanage port -l | grep telnet

4. Change custom port in telnet.socket

First stop the telnet service

systemctl stop telnet.socket

Now change the value ListenStream=23 to ListenStream=2323 in the telnet.socket file, so that the telnet service listens on port 2323.

Edit the file /usr/lib/systemd/system/telnet.socket and set ListenStream=2323.

vi /usr/lib/systemd/system/telnet.socket

[Unit]
Description=Telnet Server Activation Socket
Documentation=man:telnetd(8)

[Socket]
ListenStream=2323
Accept=true

[Install]
WantedBy=sockets.target

5. Now reload systemctl:

Run the command below to reload systemctl after editing the telnet.socket file.

systemctl daemon-reload

Start the telnet service

systemctl start telnet.socket

6. Allow port 2323 from source address in firewalld

Allow port 2323 from the source address in firewalld. On RHEL 7 / CentOS 7, firewalld is the alternative to iptables.

In the command below, replace the source address "192.168.56.0/24" with your network address or client IP address. Because the rule is added with --permanent, it is written to the permanent configuration and becomes active when firewalld is reloaded.

firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="192.168.56.0/24" port port="2323" protocol="tcp" log prefix="tftp-custom" level="info" limit value="1/m" accept'

7. Access telnet-server from remote system:

Because we have changed the telnet server port number to 2323, use the syntax below from the remote system to access the telnet server.

Syntax:

telnet <telnet-server-ip-address> <custom-port-number>

Example :

Telnet server IP Address : 192.168.56.101
Telnet custom port number : 2323

From remote system, run the command on terminal

telnet 192.168.56.101 2323

By default, the root user is not allowed to access the telnet server, so use another system user.

Hint: To allow the root user to access the telnet server, you have to edit the PAM file. But telnet should not be exposed to a public network and it is insecure, so we decided to end this tutorial here.
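
The check below is an added example, not part of the original tutorial: it confirms that every TCP port named by ListenStream= in the socket unit (step 4) carries the SELinux type telnetd_port_t added in step 3, including ports that semanage lists inside a range. The function names and the sample inputs are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the tutorial; the sample inputs below are constructed.

# Print the ports from ListenStream= lines in unit text read on stdin.
listen_ports() {
    awk '/^[ \t]*ListenStream[ \t]*=/ {
             v = $0; sub(/^[^=]*=/, "", v); gsub(/[ \t\r]/, "", v)
             if (v == "") { n = 0; next }        # empty assignment resets the list
             sub(/^.*:/, "", v)                  # drop an address prefix such as [::]:
             if (v ~ /^[0-9]+$/) ports[++n] = v  # ignore socket paths
         }
         END { for (i = 1; i <= n; i++) print ports[i] }'
}

# Succeed if `semanage port -l` text on stdin lists port $3 under type $1 and
# protocol $2, either as a single port or inside a lo-hi range.
port_has_type() {
    awk -v t="$1" -v proto="$2" -v port="$3" '
        $1 == t && $2 == proto {
            for (i = 3; i <= NF; i++) {
                r = $i; sub(/,$/, "", r)
                k = split(r, b, "-")
                lo = b[1] + 0; hi = (k == 2 ? b[2] : b[1]) + 0
                if (port + 0 >= lo && port + 0 <= hi) found = 1
            }
        }
        END { exit !found }'
}

# $1 = unit text, $2 = semanage output. Returns 0 only if all ports are labelled.
check_socket_label() {
    ports=$(printf '%s\n' "$1" | listen_ports)
    [ -n "$ports" ] || { echo "no ListenStream port found"; return 2; }
    rc=0
    for p in $ports; do
        if printf '%s\n' "$2" | port_has_type telnetd_port_t tcp "$p"; then
            echo "OK    tcp/$p is labelled telnetd_port_t"
        else
            echo "MISS  tcp/$p is not labelled telnetd_port_t"; rc=1
        fi
    done
    return $rc
}

# Constructed samples standing in for the unit file and `semanage port -l`.
UNIT_SAMPLE='[Socket]
ListenStream=2323
Accept=true'
SEMANAGE_SAMPLE='telnetd_port_t                 tcp      2323, 23'
check_socket_label "$UNIT_SAMPLE" "$SEMANAGE_SAMPLE"
```

On a live host, pass "$(systemctl cat telnet.socket)" and "$(semanage port -l)" as the two arguments. Re-run it after package updates, since the unit file under /usr/lib/systemd/system is shipped by the package and can be replaced.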
