← Rules Catalog
mediumservicesverified rollback-safe

Ensure telnet client is not installed

package-telnet-removed · RHEL ≥ 8 · 2 impls

Description

The telnet package provides an insecure remote login client that transmits credentials and data in cleartext. It should not be installed.

Rationale

Telnet transmits all data including passwords in cleartext, making it trivial to intercept credentials. SSH should be used for all remote access needs.

Check → Remediate

Checkpackage_state
name:
telnet
state:
absent
Remediatepackage_absent
name:
telnet

Framework references

CIS

rhel9 2.2.4rhel8 2.2.4rhel10 2.2.3

NIST 800-53

CM-7IA-5

Live verification

rhel10:checkrhel8:checkrhel9:check
#package#telnet#client#security