+++ Monday 23 June 2025 +++ Setting up telnetd on FreeBSD ============================= It is that time of the year again. We all get itchy, and can't wait for the new edition of the Old Computer Challenge to start. This is reflected in the kind of messages on the IRC channel. People start talking about the wonderful hardware they might use for the challenge. Encryption is always a problem ------------------------------ No matter what hardware or OS, when it is dated, encryption will be a problem. One encounter this problem, when connecting to almost any website, almost any Jabber provider, and so on. Another problem is connecting to local services in your own network. The old OS either doesn't come with ssh, or with an ssh that only supports outdated ciphers. Andreas did encounter this problem too, and setup a brilliant old-ssh to modern-ssh gateway [1]. This is a great solution. I wanted to try another way, and that is a telnetd-to-ssh gateway. Most old OS'es have a telnet client, so this should be a nice general solution. Telnetd on FreeBSD 14 --------------------- A FreeBSD jail is a great solution for a telnetd-to-ssh gateway. It is easy to setup, and can be started and stopped when needed. Setting up telnetd in a FreeBSD 14 jail: * install telnetd: pkg install freebsd-telnetd * allow telnet in inetd.conf: ed /etc/inetd.conf search for telnetd remove the #-char at the begin of the line * in /etc/rc.conf, add the lines: telnetd_enable="YES" inetd_enable="YES" And start inetd. Now you can play with firewall rules to make it a bit more secure, but remember that telnet died because it sends all your passwords and other secrets in plain text over the line ... Testing ------- A great way to test is to fire up Qemu with that old Linux or BSD system, and give it a go! Happy telnetting! Update: ------- 2025-06-24 Change of telnetd line ................................. First I had set 'telnetd -a user' in inetd.conf, but this made it not possible to log in from Mac OS X 10.3.9. Now I have removed this, and just kept the origina 'telnetd' at the end of the line. [1]: https://82mhz.net/posts/2025/06/using-a-raspberry-pi-as-a-jumphost-to-ssh-from-an-old-computer-into-a-modern-one/ Last edited: $Date: 2025/06/24 19:20:49 $