# Multiple Telnet ports. 23 and 4404



## Derek C Johnstone (Jun 27, 2018)

Hi
This must be so easy, yet I can't find an answer.
I would like to have a telnet port on port 23 = normal installation
But also a telnet port on port 4404   so that I can have secure access through a firewall with port forwarding.
I have changed /etc/services telnet line to 4404 and that works fine, so no problems there.
But local users really want to keep on port 23.
Your help is appreciated. Regards  Derek


----------



## ShelLuser (Jun 27, 2018)

See the telnetd(8) manualpage ("`man telnetd`"). You can specify a port on the commandline. So all you'd have to do is to edit /etc/inetd.conf, copy the current telnetd entry and edit it to provide the other port number.

I'd still like to note that it's a _very_ bad idea to provide console access over telnet. Use sshd instead, which is also quite easy to set up, see /etc/ssh/sshd_config to provide an extra port and /etc/rc.conf to set it up so that the process will start.


----------



## Deleted member 54719 (Jun 27, 2018)

I really don't like being judgemental where security is concerned because only you know what your real security needs are...but, telnet is not used much anymore because ssh can do the exact same thing, but with the added bonus of being an encrypted channel, and can do some validation to make sure the the endpoints are who they say they are.  It also handles encrupted tunnelling of protocols well.  I frequently use ssh to tunnel vnc connections to my home workstation from the outside world.  You should read up on what ssh can do for you.


----------



## SirDice (Jun 28, 2018)

Derek C Johnstone said:


> I would like to have a telnet port on port 23 = normal installation


Don't use telnet(1)! Ever!


Derek C Johnstone said:


> But also a telnet port on port 4404 so that I can have secure access through a firewall with port forwarding.


"Hiding" a highly insecure protocol on some random port isn't going to make it "secure".

Seriously. Stop using telnet(1)! It's a clear text protocol, which means anyone can sniff the traffic, and that includes your usernames and passwords.


----------

