telnet

Telnet to the default port of a host

$ telnet [host]

$ telnet [ip_address] [port]

$ quit

$ <Ctrl ]>

$ telnet [[-e|--escape]] [x] [ip_address] [port]

$ telnet [towel.blinkenlights.nl]

telnet [options] [host [port]]
telnet [command] (for entering telnet command mode)

-4
    Forces telnet to use IPv4 addresses only for host resolution.

-6
    Forces telnet to use IPv6 addresses only for host resolution.

-a
    Attempts automatic login using the current username if supported by the remote host.

-e escape_char
    Sets the escape character for telnet. The default is Ctrl+]. This character brings up the telnet prompt.

-l user
    Specifies a username to be used for automatic login on the remote system, bypassing a login prompt if possible.

host
    The remote hostname or IP address to connect to. This is the primary target for the connection.

port
    The destination port number or service name on the remote host. If omitted, telnet defaults to port 23 (the standard TELNET port).

telnet is a command-line utility and protocol used for interactive text-oriented communication with a remote host or server. It enables a user to log in to a remote computer and execute commands as if they were sitting at the remote machine. Initially designed for remote terminal access, telnet operates by establishing a TCP connection to the specified host and port, then sending keystrokes from the local machine to the remote host and displaying the remote host's output back to the local terminal. Its primary use was for remote shell access on Unix-like systems.

However, a significant drawback of telnet is its lack of encryption. All data, including usernames, passwords, and transmitted commands, is sent in plaintext over the network. This makes it highly vulnerable to eavesdropping and interception by malicious actors, rendering it insecure for most modern applications, especially over public networks. Consequently, telnet has largely been superseded by more secure protocols like SSH (Secure Shell) for remote administration. Despite its security flaws, telnet can still be useful for basic network diagnostics, such as checking if a specific port is open on a remote server, or for interacting with simple plaintext services that don't require encryption (e.g., some SMTP, HTTP, or POP3 servers for manual debugging).

Security Risk: All data, including usernames and passwords, is transmitted in plaintext over the network, making it highly vulnerable to interception and eavesdropping. It is not recommended for secure remote login.

Obsolete for Remote Login: Largely superseded by SSH (Secure Shell) for secure remote access and administration due to its cryptographic protection.

Firewall Blocking: Many modern firewalls block incoming and outgoing connections on the default TELNET port (23) due to its inherent insecurity.

When no port is specified, telnet defaults to connecting to port 23, which is the standard port assigned to the TELNET service.

While connected, pressing the escape character (default Ctrl+]) allows the user to drop into the local telnet command prompt. From this prompt, commands like open, close, quit, status, and set can be issued to control the telnet client.

Despite its security limitations, telnet is still commonly used by network administrators and developers for basic network diagnostics, such as checking if a specific port is open and listening on a remote server, or to manually send commands to services like HTTP, SMTP, or POP3 for debugging purposes. For example, telnet example.com 80 can be used to manually interact with a web server.

The TELNET protocol is one of the oldest network protocols, originally developed in 1969 as part of the ARPANET project. It was designed to provide a standardized method for remote terminal access, allowing users to interact with distant mainframe computers as if they were local terminals. For many years, telnet was the primary method for remote login and administration on Unix-like systems and other networked computers.

However, its fundamental design flaw – the lack of any encryption – became a critical security vulnerability as network security concerns grew. The ability for anyone on the network path to easily intercept and read all transmitted data, including sensitive credentials, led to its decline. By the mid-1990s, the development of SSH (Secure Shell) provided a cryptographically secure alternative, which quickly became the industry standard for remote access, effectively making telnet obsolete for secure applications. Despite this, telnet clients remain available in most operating systems, often used for basic network diagnostics or interacting with unencrypted legacy services.

ssh(1), nc(1), netcat(1), ping(8), traceroute(8)