logoCndocs
Network Testing

Telnet Command in Linux

Introduction

The telnet command is a versatile network utility that allows users to establish connections to remote systems and test TCP port connectivity. Originally designed as a remote login protocol, telnet enables users to interact with remote hosts through a command-line interface. While largely replaced by more secure protocols like SSH for remote administration, telnet remains an invaluable tool for network diagnostics, port testing, and working with legacy systems.

Telnet operates using a client-server model, where the telnet client on your local machine connects to a telnet server on a remote host. Once connected, your terminal becomes a virtual terminal for the remote system, allowing you to execute commands as if you were physically present at that machine.

Telnet Command Example

How Telnet Works

Telnet works by establishing a TCP connection between a client and server:

  1. The client initiates a connection to the server on a specific port (default is port 23 for telnet services)
  2. If the connection is successful, the client and server negotiate parameters for the session
  3. Once the connection is established, data is transmitted in plain text between the client and server
  4. The client's terminal becomes a virtual terminal for the remote system

It's important to note that telnet transmits all data, including usernames and passwords, in plain text without encryption. This makes it vulnerable to eavesdropping and is the primary reason it has been largely replaced by SSH for remote administration.

Installation

Telnet is not installed by default on many modern Linux distributions. To install it:

On Debian/Ubuntu-based systems:

sudo apt update
sudo apt install telnet

On Red Hat/CentOS/Fedora systems:

sudo yum install telnet
# or
sudo dnf install telnet

To verify the installation:

telnet --version
# or
which telnet

Basic Syntax

The basic syntax of the telnet command is:

telnet [options] [host [port]]

Where:

  • options: Various flags that modify the behavior of the command
  • host: The hostname or IP address of the remote system
  • port: The port number to connect to (default is 23)

Basic Usage

Connecting to a Remote Host

To connect to a remote host using the default telnet port (23):

telnet example.com

If the remote host is running a telnet server on the default port, you'll be prompted for login credentials.

Connecting to a Specific Port

To connect to a specific port on a remote host:

telnet example.com 80

This example connects to port 80 (HTTP) on example.com, which is useful for testing web server connectivity.

Testing Port Connectivity

One of the most common uses of telnet today is to check if a specific port on a remote system is open and accessible:

telnet 192.168.1.1 22

If the connection is successful, you'll see output similar to:

Trying 192.168.1.1...
Connected to 192.168.1.1.
Escape character is '^]'.
SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.5

This indicates that port 22 (SSH) on the specified IP address is open and accepting connections.

If the connection fails, you'll see an error message like:

Trying 192.168.1.1...
telnet: Unable to connect to remote host: Connection refused

This indicates that the port is either closed or blocked by a firewall.

Advanced Usage

Interacting with Web Servers

Telnet can be used to manually send HTTP requests to web servers:

telnet example.com 80

After connecting, you can type an HTTP request:

GET / HTTP/1.1
Host: example.com

(Press Enter twice after the "Host:" line to send the request)

The server will respond with the HTTP headers and content of the requested page.

Checking Email Servers

You can use telnet to interact with SMTP servers (port 25) to test email delivery:

telnet mail.example.com 25

After connecting, you can manually enter SMTP commands:

HELO client.example.com
MAIL FROM: <sender@example.com>
RCPT TO: <recipient@example.com>
DATA
Subject: Test Email

This is a test email.
.
QUIT

Telnet Command Mode

While connected to a remote host, you can enter telnet command mode by pressing Ctrl+]. This gives you access to telnet client commands:

telnet> help

Common telnet commands include:

  • close: Close the current connection
  • quit: Exit telnet
  • status: Display current status
  • z: Suspend telnet
  • ? or help: Display help information

Security Considerations

Security Risks

Telnet has several significant security vulnerabilities:

  1. No Encryption: All data, including usernames and passwords, is transmitted in plain text
  2. Susceptible to Eavesdropping: Anyone with access to the network path can intercept telnet traffic
  3. Man-in-the-Middle Attacks: Attackers can intercept and modify telnet communications
  4. No Authentication of Servers: Telnet doesn't verify the identity of the server you're connecting to

Secure Alternatives

For secure remote administration, consider these alternatives:

  1. SSH (Secure Shell): Provides encrypted communications and strong authentication
  2. HTTPS: For web server interactions
  3. SFTP/SCP: For secure file transfers
  4. OpenVPN: For secure network connectivity

When to Use Telnet

Despite its security limitations, telnet is still useful for:

  1. Port Testing: Checking if specific TCP ports are open
  2. Network Diagnostics: Troubleshooting network connectivity issues
  3. Legacy Systems: Accessing older systems that don't support SSH
  4. Protocol Testing: Manually testing HTTP, SMTP, and other text-based protocols

Firewall Configuration

To use telnet effectively, you may need to configure your firewall to allow telnet traffic:

For UFW (Ubuntu/Debian)

sudo ufw allow 23/tcp  # Allow incoming telnet connections
sudo ufw reload

For Firewalld (CentOS/RHEL)

sudo firewall-cmd --add-port=23/tcp --permanent
sudo firewall-cmd --reload

Telnet vs. SSH Comparison

FeatureTelnetSSH
SecurityNo encryption (plain text)Encrypted communications
Default Port2322
AuthenticationBasic username/passwordMultiple methods (password, key-based)
Data IntegrityNo verificationEnsures data integrity
Server AuthenticationNoneVerifies server identity
Modern UsageNetwork diagnostics, port testingSecure remote administration

Practical Examples

Example 1: Testing Web Server Connectivity

To check if a web server is running and accessible:

telnet example.com 80

If successful, you can send an HTTP request:

GET / HTTP/1.1
Host: example.com

Example 2: Checking SMTP Server

To test an email server:

telnet mail.example.com 25

Example 3: Testing Database Connectivity

To check if a MySQL/MariaDB server is accessible:

telnet database.example.com 3306

Example 4: Verifying SSH Server

To check if an SSH server is running:

telnet server.example.com 22

Example 5: Testing Custom Application Ports

To check if a custom application is listening on a specific port:

telnet application.example.com 8080

Troubleshooting Telnet Issues

Common Error Messages

  1. "Connection refused": The port is not open or the service is not running
  2. "No route to host": Network routing issue or host is down
  3. "Connection timed out": Firewall blocking the connection or host is unreachable
  4. "Unknown host": DNS resolution failure

Resolving Connection Issues

  1. Verify the hostname/IP: Ensure you're using the correct address
  2. Check network connectivity: Use ping to verify basic connectivity
  3. Verify the service is running: Check if the service is active on the remote host
  4. Check firewall settings: Ensure firewalls aren't blocking the connection
  5. Verify DNS resolution: Use nslookup or dig to check DNS resolution

Disabling Telnet for Security

If you're concerned about security, you should disable the telnet service on your systems:

# Stop the telnet service
sudo systemctl stop telnet
 
# Disable telnet from starting at boot
sudo systemctl disable telnet
 
# Block telnet port in the firewall
sudo ufw deny 23/tcp  # For Ubuntu/Debian
# or
sudo firewall-cmd --remove-port=23/tcp --permanent  # For CentOS/RHEL
sudo firewall-cmd --reload

Conclusion

The telnet command remains a valuable tool for network diagnostics and testing TCP port connectivity, despite its security limitations for remote administration. By understanding how to use telnet effectively and being aware of its security implications, system administrators and network engineers can leverage this versatile utility for troubleshooting network issues and testing connectivity to various services.

For secure remote administration, always use SSH or other encrypted protocols instead of telnet. However, keep telnet in your toolkit for those situations where you need to quickly test network connectivity or interact with text-based network protocols.

Test Your Knowledge

Take a quiz to reinforce what you've learned

Exam Preparation

Access short and long answer questions for written exams

Share this page
WhatsAppTwitter/X

mtr

A comprehensive guide to combining ping and traceroute with the mtr command

nc

A comprehensive guide to reading and writing data across networks with the netcat command

On this page

Edit on Github