Telnet

HomePage | Recent changes | View source | Discuss this page | Page history | Log in |

Printable version | Disclaimers | Privacy policy

Telnet is the name of a protocol used on the Internet. IETF document STD 8 (aka RFC 854 and RFC 855) starts: "The purpose of the TELNET Protocol is to provide a fairly general, bi-directional, eight-bit byte oriented communications facility." It is typically used to provide user oriented command line login sessions between hosts on the internet. Security experts deprecate telnet, see below.

By extension telnet is also the name of a program that a user can use to invoke a telnet session to a remote host; the telnet program provides the client part of the protocol. It is also used as a verb meaning to establish or use such a connexion, as in "If you need to change your password you need to telnet to the server and run the passwd command".

Telnet is a client-server protocol, it uses TCP, and clients generally connect to port 23 on the host providing the service (though like many protocols in use on the internet which port to use is fairly easy to change). Partly because of the design of the protocol and partly because of the flexibility typically provided by telnet programs it is also possible to use a telnet program to establish an interactive TCP connexion to some other service on an internet host. A classic use of this is telnetting to port 25 (where typically an SMTP server is to be found) to debug a mail server.

The telnet protocol can be divided into a core and a set of extensions. The core protocol is described by IETF documents RFC 854 and RFC 855 which are also collected together in STD 8. STD 8 defines fairly basic operating characteristics of the protocol and a means of defining and implementing extensions. There are many extensions, some of which have been adopted as Internet Standards, some of which haven't. IETF STD document numbers from 27 thru to 32 define various telnet extensions (most of which are extremely commonly implemented and used). Of the remaining extensions the most useful ones are probably those that are on the IETF standards track as proposed standards; details can be found in STD 1.


Security

As well as there being security vulnerabilities in telnet daemons, the telnet protocol does not encrypt any data (including passwords required for login) and so anybody able to monitor the network can trivially read confidential data and gain access to the user's account on the remote host. These flaws have seen the usage of the telnet protocol drop rapidly in favor of a more secure and functional protocol called SSH released in 1998. Experts in Computer Security such as SANS, and the members of the comp.os.linux.security newsgroup recommend that use of telnet for remote logins should be discontinued under all normal circumstances.

/Talk