Telnet

Hey everyone. Something has been bothering me. The telnet program, while I know it is insecure, offers a ton of functionality. I can literally test any port's availability. I can send commands to web servers and email servers, and it's a great troubleshooting tool. Can any of this be done with SSH? I know ssh allows you to securely log into a remote computer, and that has its purpose, but can ssh do what telnet can in troubleshooting?

Many people, myself included, use a telnet client for troubleshooting purposes precisely because it can do things ssh cannot do.

Telnet is an insecure way to login to something, not because it's "telnet", but because it's a raw network connection which sends pure text. In other words, it's not telnet that's insecure, it's the way you use it. It's just a raw network connection. That it's totally raw allows it to connect to HTTP, FTP, POP3, etc with equal ease. It can't tell the difference. It's just a socket() call.

ssh isn't useful as a diagnostic tool the way telnet is because it has a complex protocol. You can telnet into FTP, HTTP, and POP3 servers to see what's going on, and it won't care that one sends 'HELLO', another sends '404 not found', another prints 'LOGIN', or whatever -- it just dumps it all to the screen as-is. SSH will expect a key exchange or something and crash out when given anything else.

FTP via telnet is no safer than FTP with an FTP client, also. It's not some weird property of telnet which makes telnet insecure -- it's that it's a raw network connection which anything can peek on. FTP is also usually raw. (sftp is not ftp, it's ssh -- it just looks like it from the client point of view. ftps, which is pretty rare, actually is FTP, tunneled in an SSH connection.)

Another useful and common utility is netcat, usually "nc", which is a raw connection like telnet but contains many more options for automatic use.

2 Likes

Yes, netcat is probably better about hanging around, as telnet will exit if stdin eof, so to see output, you need to linger:

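#!/usr/bin/ksh
# Feed a hand-typed HTTP request to telnet and hold stdin open so the reply can be captured.
(
sleep 2    # give telnet time to connect
# Request line, then the blank line that ends the HTTP header
echo 'GET / HTTP/1.0

'
sleep 10   # linger so telnet does not exit on EOF before the response arrives
) | telnet www.ibm.com 80 >index-www.ibm.com

1 Like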

Thanks for the reply to this! Corona, when you use telnet to connect to an http server like apache or something, what does the web server see? Does it think it's communicating with a web browser?

You can type in the things that browsers do, but it is all by hand; the tool telnet is just a TCP pipeline. Everything before the first blank line is the http header. But otherwise, it has no clue past the http version on the GET/POST line. Since HTTP/1.0 does not allow persistent connections and multiple queries on a connection, I stick with that.

Sorry, I missed this question. It sees the same thing it always does, a TCP connection to port 80, it can't tell it apart from a 'real' web browser.
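
An added example, not part of any post in this thread: a raw TCP client in Python doing what the telnet pipeline above does, run against a constructed loopback listener that records the exact bytes a server receives. The names `build_request`, `raw_exchange`, `demo` and the host `example.test` are assumptions made for this illustration.

```python
import socket
import threading

def build_request(path="/", host=None):
    """HTTP/1.0 request: request line, optional headers, then one blank line."""
    lines = [f"GET {path} HTTP/1.0"]
    if host:
        lines.append(f"Host: {host}")
    return ("\r\n".join(lines) + "\r\n\r\n").encode("ascii")

def raw_exchange(host, port, payload, timeout=10.0):
    """Send payload over a plain TCP socket and read until the peer closes."""
    chunks = []
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(payload)
        while True:
            data = s.recv(4096)
            if not data:  # EOF: an HTTP/1.0 server closes after one reply
                break
            chunks.append(data)
    return b"".join(chunks)

def demo():
    """Constructed loopback 'server' that records the bytes it receives."""
    seen = {}
    listener = socket.create_server(("127.0.0.1", 0))  # ephemeral port
    port = listener.getsockname()[1]

    def serve_once():
        conn, _ = listener.accept()
        with conn:
            buf = b""
            while b"\r\n\r\n" not in buf:  # header ends at the first blank line
                part = conn.recv(4096)
                if not part:
                    break
                buf += part
            seen["request"] = buf
            conn.sendall(b"HTTP/1.0 200 OK\r\nContent-Type: text/plain\r\n\r\nhello\n")

    t = threading.Thread(target=serve_once, daemon=True)
    t.start()
    reply = raw_exchange("127.0.0.1", port, build_request("/", "example.test"))
    t.join()
    listener.close()
    return seen["request"], reply

if __name__ == "__main__":
    request, reply = demo()
    print("server saw:", request)
    print("client got:", reply)
```

The listener receives only the request bytes; nothing in them identifies the sender as telnet, a script or a browser unless the client chooses to send headers that say so.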