Puppet Class: cis_security_hardening::rules::telnet_client

Defined in:
manifests/rules/telnet_client.pp

Summary

Ensure telnet client is not installed

Overview

The telnet package contains the telnet client, which allows users to start connections to other systems via the telnet protocol.

Rationale: The telnet protocol is insecure and unencrypted. The use of an unencrypted transmission medium could allow an unauthorized user to steal credentials. The ssh package provides an encrypted session and stronger security and is included in most Linux distributions.

Examples:

class { 'cis_security_hardening::rules::telnet_client':
    enforce => true,
}

Parameters:

  • enforce (Boolean) (defaults to: false)

    Enforce the rule



21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
 
# File 'manifests/rules/telnet_client.pp', line 21

class cis_security_hardening::rules::telnet_client (
  Boolean $enforce = false,
) {
  if $enforce {
    case $facts['os']['family'].downcase() {
      'suse': {
        ensure_packages(['telnet'], {
            ensure => 'absent',
        })
      }
      default: {
        ensure_packages(['telnet'], {
            ensure => 'purged',
        })
      }
    }
  }
}