mediumservicesverified ✓rollback-safe
Ensure telnet client is not installed
package-telnet-removed · RHEL ≥ 8 · 2 impls
Description
The telnet package provides an insecure remote login client that transmits credentials and data in cleartext. It should not be installed.
Rationale
Telnet transmits all data including passwords in cleartext, making it trivial to intercept credentials. SSH should be used for all remote access needs.
Check → Remediate
Checkpackage_state
- name:
- telnet
- state:
- absent
Remediatepackage_absent
- name:
- telnet
Framework references
CIS
rhel9 2.2.4rhel8 2.2.4rhel10 2.2.3
NIST 800-53
CM-7IA-5
Live verification
rhel10:checkrhel8:checkrhel9:check
#package#telnet#client#security