Skip to content

Uninstall the ssl compliant telnet server

An XCCDF Rule

Description

The telnet daemon, even with ssl support, should be uninstalled.

Rationale

telnet, even with ssl support, should not be installed. When remote shell is required, up-to-date ssh daemon can be used.

ID
xccdf_org.ssgproject.content_rule_package_telnetd-ssl_removed
Severity
High
References
Updated



Remediation - Anaconda Pre-Install Instructions


package --remove=telnetd-ssl

Remediation - Ansible

- name: Ensure telnetd-ssl is removed
  package:
    name: telnetd-ssl
    state: absent
  tags:
  - NIST-800-53-CM-6(a)

Remediation - Puppet

include remove_telnetd-ssl

class remove_telnetd-ssl {
  package { 'telnetd-ssl':
    ensure => 'purged',
  }

Remediation - Shell Script


# CAUTION: This remediation script will remove telnetd-ssl
#	   from the system, and may remove any packages
#	   that depend on telnetd-ssl. Execute this
#	   remediation AFTER testing on a non-production
#	   system!