Home » Features » How to disable Telnet in Linux

How to disable Telnet in Linux

Key Points
Introduction: Explains why leaving the Telnet service enabled is a security risk on Linux endpoints, since Telnet sessions are unencrypted and credentials or session data can be captured from network traffic, and why disabling Telnet is a recommended hardening step.
Quick setup: Shows how Vulnerability Manager Plus flags the “Telnet service is not disabled” misconfiguration and provides the exact remediation steps to disable Telnet by updating inetd/xinetd configurations and restarting the service so endpoints stop accepting Telnet connections.
Frequently Asked Questions: Covers practical questions about Telnet hardening, including what Telnet is used for, why it is unsafe compared to SSH, what may break in legacy environments after disabling it, whether a reboot is required, how to verify port 23 is no longer exposed, and safe alternatives for remote access.

Detect Telnet service is not disabled and similar misconfigurations quickly.

Spot Now

Introduction

Telnet is a legacy remote access protocol that allows users to connect to a Linux system over the network. Unlike modern alternatives, Telnet does not encrypt the session, which means usernames, passwords, and commands can be captured by anyone who can observe the traffic between the client and the server.

If your environment does not require Telnet for legacy administration, disabling it is a recommended Linux hardening step. It reduces the risk of credential exposure and prevents unencrypted remote logins on endpoints and servers, especially in networks where traffic may traverse shared segments or untrusted paths.

If a legacy dependency still requires Telnet, keep it tightly restricted. Limit access to trusted admin networks only, document the exception, and prefer migrating to SSH for secure, encrypted remote management wherever possible.

You can detect this misconfiguration (Telnet service is not disabled) using Vulnerability Manager Plus. This misconfiguration comes under the category of Linux - Insecure Services and has a Important severity.

Quick Setup

To detect this misconfiguration:

  • Open the Vulnerability Manager Plus console and go to Threats---> System Misconfiguration, and you can see the detected misconfigurations list.
  • In the misconfiguration list, use the search box to type Telnet and filter results to focus only on related findings.
  • Open the misconfiguration named Telnet service is not disabled, confirm it matches the expected finding, and review the details to understand why it is flagged.
  • Check the affected endpoints list to identify which devices need a fix, then prioritize devices where the service is reachable and not required.
  • For each affected device, plan remediation to disable Telnet and document the remediation goal.

To remediate the misconfiguration:

  • Disable Telnet via inetd:
    • Open /etc/inetd.conf and comment out or remove any lines starting with telnet.
    • Check /etc/inetd.d/* and comment out or remove any Telnet-related entries.
  • Disable Telnet via xinetd:
    • In /etc/xinetd.conf, set disable = yes for all Telnet service entries (if present).
    • In /etc/xinetd.d/*, set disable = yes for all Telnet service definitions.

This remediation does not require reboot.

Potential Operational Impact: Legacy protocols are present to support operations of legacy applications and services. Disabling them would cause those applications to stop functioning.

Scheduling reports keeps teams informed without needing to log in manually.

Refer to this page to know in detail more about misconfiguration hardening

Start your 30-day free trial and disable Telnet across your endpoints and stay secured.

Frequently Asked Questions

What is Telnet in Linux?

Telnet is a legacy remote access protocol that lets users connect to a Linux system over the network using a command-line session.

Why is Telnet considered insecure?

Telnet traffic is not encrypted. This means usernames, passwords, and commands can be captured by anyone who can observe the network traffic between the client and the server.

What does “disable Telnet” mean?

Disabling Telnet means the endpoint will no longer accept incoming Telnet connections, typically by disabling the Telnet service entry in inetd or xinetd configuration (or the Telnet socket/service if managed by systemd).

Will disabling Telnet affect SSH or other remote access?

No. Disabling Telnet does not impact SSH or other services unless they share separate configurations. SSH remains the recommended secure alternative for remote administration.

Do I need to uninstall Telnet packages to be secure?

Disabling the service is usually sufficient to stop remote Telnet access. Uninstalling Telnet packages is recommended if you do not need them, because it further reduces the attack surface.

Will disabling Telnet break anything?

It may affect legacy scripts, tools, or network devices that still rely on Telnet for remote management. If Telnet is required temporarily, restrict it to trusted admin networks and plan a migration to SSH.

How can I verify Telnet is disabled on an endpoint?

Verify that the system is not listening on TCP port 23 and that Telnet entries are removed/disabled in inetd/xinetd configuration. You can also confirm service status after restarting inetd/xinetd.

Is a reboot required after disabling Telnet?

No. A reboot is typically not required. After updating the configuration, restart the relevant service (inetd or xinetd) so the change takes effect.

What is the recommended replacement for Telnet?

SSH is the recommended replacement because it provides encrypted authentication and session traffic, making it suitable for secure remote administration.

What should I do after applying the fix?

After disabling Telnet, confirm the endpoint is no longer exposed on port 23, validate that required admin access still works via SSH, and document the change as part of your Linux hardening baseline.