Chapter 5
Telnet
Telnet is sort of the grandfather of remote management tools, although it didn't start that way. It
was originally intended as a terminal emulator, allowing relatively "dumb" terminal workstations
to connect to a more powerful mainframe. Today, Telnet provides remote command-line access
for most UNIX-based systems and for most managed network devices.
Telnet has been around since the beginning of the network that would eventually become today's
Internet, having been first defined in RFC 97 back in 1971. The most recent RFCs dealing with Telnet
include 2941-2953 for Telnet encryption and authentication, 1571-1572 for various Telnet options,
and so forth. Searching the RFC index at
for the word "Telnet"
yields a surprising number of hits, underscoring the foundational nature of this protocol.
Telnet Theory of Operation
Telnet is perhaps one of the simplest protocols associated with the Internet, and is certainly one
of the older ones, having been first defined in 1971. Essentially, a Telnet client sends your
keystrokes to a remote computer, which processes them however it needs to. The output from the
remote computer is sent to your Telnet client, where it is displayed for you to read. You can
think of Telnet as a sort of remote keyboard, electronically attached via TCP/IP to a distant
computer.
A large number of other Internet protocols are based on Telnet. The SMTP and POP3 protocols, in
fact, simply use Telnet sessions with a defined, automated format for interaction between server and
client. You can even use a Telnet session to, for example, conduct a manual SMTP session by
having the client connect to an SMTP server on port 25 (the default SMTP port). Knowing that Telnet
underlies other protocols makes it easier to understand how those protocols work and what
operational or security issues they might contain as a result of being based on Telnet.
Telnet operation is simple: Character codes are sent and received. There is a bit of complexity
involved in newer options such as flow control, the ability to send extended characters (those
beyond ASCII 128), and so forth; for the most part, however, these features won't affect a
network configuration management implementation.
You might need to know some specifics when connecting to older devices; Telnet is designed to
emulate several popular terminal devices, such as VT-100, TTY, 5250, and so forth; older
network devices might require a Telnet connection for a specific emulation mode--check their
documentation for details. Newer devices often support a range of emulation modes and will
negotiate one with the Telnet client.
Due in part to its age--Telnet was created at a time when only a few hundred people had access
to the network that would become the Internet--Telnet doesn't incorporate much in the way of
security. Certainly, the remote system (such as a network device) can require you to enter a
username and password to gain access, but Telnet passes that information--in the form of
keystrokes--in clear text.
100