Telnet

Telnet is an application protocol used on the Internet or local area network to provide a bidirectional interactive text-oriented communication facility using a virtual terminal connection. User data is interspersed in-band with Telnet control information in an 8-bit byte oriented data connection over the Transmission Control Protocol (TCP). Telnet was developed in 1969 beginning with , extended in , and standardized as Internet Engineering Task Force (IETF) Internet Standard STD 8, one of the first Internet standards. The name stands for "teletype network".

Historically, Telnet provided access to a command-line interface on a remote host. However, because of serious security concerns when using Telnet over an open network such as the Internet, its use for this purpose has waned significantly in favor of SSH.

The term telnet is also used to refer to the software that implements the client part of the protocol. Telnet client applications are available for virtually all computer platforms. Telnet is also used as a verb. To telnet means to establish a connection using the Telnet protocol, either with a command line client or with a graphical interface. For example, a common directive might be: "To change your password, telnet into the server, log in and run the passwd command." In most cases, a user would be telnetting into a Unix-like server system or a network device (such as a router).


History and standards

Telnet is a client-server protocol, based on a reliable connection-oriented transport. Typically, this protocol is used to establish a connection to Transmission Control Protocol (TCP) port number 23, where a Telnet server application (telnetd) is listening. Telnet, however, predates TCP/IP and was originally run over Network Control Protocol (NCP).

Even though Telnet was an ad hoc protocol with no official definition until March 5, 1973, the name actually referred to Teletype Over Network Protocol as the RFC 206 (NIC 7176) on Telnet makes the connection clear: Essentially, it used an 8-bit channel to exchange 7-bit ASCII data. Any byte with the high bit set was a special Telnet character. On March 5, 1973, a Telnet protocol standard was defined at UCLA with the publication of two NIC documents: Telnet Protocol Specification, NIC 15372, and Telnet Option Specifications, NIC 15373.

Many extensions were made for Telnet because of its negotiable options protocol architecture. Some of these extensions have been adopted as Internet standards, IETF documents STD 27 through STD 32. Some extensions have been widely implemented and others are proposed standards on the IETF standards track (see below).

Telnet is best understood in the context of a user with a simple terminal using the local Telnet program (known as the client program) to run a logon session on a remote computer where the user's communications needs are handled by a Telnet server program.


Security

When Telnet was initially developed in 1969, most users of networked computers were in the computer departments of academic institutions, or at large private and government research facilities. In this environment, security was not nearly as much a concern as it became after the bandwidth explosion of the 1990s. The rise in the number of people with access to the Internet, and by extension the number of people attempting to hack other people's servers, made encrypted alternatives necessary.

Experts in computer security, such as SANS Institute, recommend that the use of Telnet for remote logins should be discontinued under all normal circumstances, for the following reasons:

* Telnet, by default, does not encrypt any data sent over the connection (including passwords), and so it is often feasible to eavesdrop on the communications and use the password later for malicious purposes; anybody who has access to a router, switch, hub or gateway located on the network between the two hosts where Telnet is being used can intercept the packets passing by and obtain login, password and whatever else is typed with a packet analyzer.
* Most implementations of Telnet have no authentication that would ensure communication is carried out between the two desired hosts and not intercepted in the middle.
* Several vulnerabilities have been discovered over the years in commonly used Telnet daemons.

These security-related shortcomings have seen the usage of the Telnet protocol drop rapidly, especially on the public Internet, in favor of the Secure Shell (SSH) protocol, first released in 1995. SSH has practically replaced Telnet, and the older protocol is used these days only in rare cases to access decades-old legacy equipment that does not support more modern protocols. SSH provides much of the functionality of telnet, with the addition of strong encryption to prevent sensitive data such as passwords from being intercepted, and public key authentication, to ensure that the remote computer is actually who it claims to be.

As has happened with other early Internet protocols, extensions to the Telnet protocol provide Transport Layer Security (TLS) security and Simple Authentication and Security Layer (SASL) authentication that address the above concerns. However, most Telnet implementations do not support these extensions; and there has been relatively little interest in implementing these as SSH is adequate for most purposes.

It is of note that there are a large number of industrial and scientific devices which have only Telnet available as a communication option. Some are built with only a standard RS-232 port and use a serial server hardware appliance to provide the translation between the TCP/Telnet data and the RS-232 serial data. In such cases, SSH is not an option unless the interface appliance can be configured for SSH (or is replaced with one supporting SSH).

Telnet is still used by hobbyists, especially among amateur radio operators. The Winlink protocol supports packet radio via a Telnet connection.


Telnet 5250

IBM 5250 or 3270 workstation emulation is supported via custom telnet clients, TN5250/TN3270, and IBM i systems. Clients and servers designed to pass IBM 5250 data streams over Telnet generally do support SSL encryption, as SSH does not include 5250 emulation. Under IBM i (also known as OS/400), port 992 is the default port for secured telnet.


Telnet data

All data octets except 0xff are transmitted over Telnet as is. (0xff, or 255 in decimal, is the IAC byte (Interpret As Command) which signals that the next byte is a telnet command. The command to insert 0xff into the stream is 0xff, so 0xff must be escaped by doubling it when sending data over the telnet protocol.)

Telnet client applications can establish an interactive TCP session to a port other than the Telnet server port. Connections to such ports do not use IAC and all octets are sent to the server without interpretation. For example, a command line telnet client could make an HTTP request to a web server on TCP port 80 as follows:

    $ telnet www.example.com 80
    GET /path/to/file.html HTTP/1.1
    Host: www.example.com
    Connection: close

There are other TCP terminal clients, such as netcat or socat on UNIX and PuTTY on Windows, which handle such requirements. Nevertheless, Telnet may still be used in debugging network services such as SMTP, IRC, HTTP, FTP or POP3, to issue commands to a server and examine the responses.

Another difference between Telnet and other TCP terminal clients is that Telnet is not 8-bit clean by default. 8-bit mode may be negotiated, but octets with the high bit set may be garbled until this mode is requested, as 7-bit is the default mode. The 8-bit mode (so named binary option) is intended to transmit binary data, not ASCII characters. The standard suggests the interpretation of codes 0000–0176 as ASCII, but does not offer any meaning for high-bit-set data octets. There was an attempt to introduce a switchable character encoding support like HTTP has, but nothing is known about its actual software support.
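
The IAC framing described at the start of this section, as an added example that is not part of the original article: a small Python parser that doubles 0xff on output and separates user data from Telnet commands on input. It goes beyond the text by also handling option negotiation (WILL/WONT/DO/DONT) and subnegotiation (SB ... SE) as defined in RFC 854 and RFC 855; the class name, function names and sample byte stream are constructed for illustration.

```python
"""Telnet in-band framing: escape outgoing data and split an incoming
byte stream into user data and Telnet commands (illustrative example)."""

IAC = 0xFF                       # Interpret As Command
SE, SB = 0xF0, 0xFA              # subnegotiation end / begin
WILL, WONT, DO, DONT = 0xFB, 0xFC, 0xFD, 0xFE
NEGOTIATION = {WILL: "WILL", WONT: "WONT", DO: "DO", DONT: "DONT"}


def escape_data(data: bytes) -> bytes:
    """Double every 0xff so the peer does not read it as IAC."""
    return data.replace(b"\xff", b"\xff\xff")


class TelnetParser:
    """Incremental parser; state survives across TCP segment boundaries."""

    def __init__(self):
        self.state = "data"
        self.verb = None
        self.sub = bytearray()    # payload of the subnegotiation in progress
        self.data = bytearray()   # user data with all commands removed
        self.events = []          # (name, value) tuples for each command

    def feed(self, chunk: bytes) -> None:
        for b in chunk:
            if self.state == "data":
                if b == IAC:
                    self.state = "iac"
                else:
                    self.data.append(b)
            elif self.state == "iac":
                if b == IAC:                  # IAC IAC: one literal 0xff
                    self.data.append(IAC)
                    self.state = "data"
                elif b in NEGOTIATION:        # three-byte option command
                    self.verb = b
                    self.state = "option"
                elif b == SB:
                    self.sub.clear()
                    self.state = "sb"
                else:                         # other two-byte command
                    self.events.append(("CMD", b))
                    self.state = "data"
            elif self.state == "option":
                self.events.append((NEGOTIATION[self.verb], b))
                self.state = "data"
            elif self.state == "sb":
                if b == IAC:
                    self.state = "sb_iac"
                else:
                    self.sub.append(b)
            elif self.state == "sb_iac":
                if b == SE:                   # IAC SE closes the block
                    self.events.append(("SB", bytes(self.sub)))
                    self.state = "data"
                else:                         # IAC IAC is a literal 0xff;
                    self.sub.append(b)        # any other byte is kept as-is
                    self.state = "sb"


def parse_chunks(chunks):
    """Feed chunks in order and return (user_data, events)."""
    parser = TelnetParser()
    for chunk in chunks:
        parser.feed(chunk)
    return bytes(parser.data), parser.events


# Constructed sample: three TCP segments that split commands mid-sequence.
SAMPLE_CHUNKS = [
    b"\xff\xfd\x18\xff\xfb\x01login: \xff",   # DO 24, WILL 1, text, lone IAC
    b"\xfa\x18\x01\xff\xf0A\xff",             # ...SB 24 1 IAC SE, 'A', IAC
    b"\xffB",                                 # second half of IAC IAC, 'B'
]

if __name__ == "__main__":
    data, events = parse_chunks(SAMPLE_CHUNKS)
    print(data)
    print(events)
```
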


Related RFCs


Internet Standards

* , Telnet Protocol Specification
* , Telnet Option Specifications
* , Telnet Binary Transmission
* , Telnet Echo Option
* , Telnet Suppress Go Ahead Option
* , Telnet Status Option
* , Telnet Timing Mark Option
* , Telnet Extended Options: List Option


Proposed Standards

* , Telnet End of Record Option
* , Telnet Window Size Option
* , Telnet Terminal Speed Option
* , Telnet Terminal-Type Option
* , Telnet X Display Location Option
* , Requirements for Internet Hosts - Application and Support
* , Telnet Linemode Option
* , Telnet Remote Flow Control Option
* , Telnet Environment Option
* , Telnet Authentication Option
* , Telnet Authentication: Kerberos Version 5
* , TELNET Authentication Using DSA
* , Telnet Authentication: SRP
* , Telnet Data Encryption Option
* , The telnet URI Scheme


Informational/experimental

* , The Q Method of Implementing TELNET Option Negotiation
* , Telnet Environment Option Interoperability Issues


Other RFCs

* , Telnet 3270 Regime Option
* , 5250 Telnet Interface
* , Telnet Com Port Control Option
* , IBM's iSeries Telnet Enhancements


Telnet clients

* PuTTY and plink command line are a free, open-source SSH, Telnet, rlogin, and raw TCP client for Windows, Linux, and Unix.
* AbsoluteTelnet is a telnet client for Windows. It also supports SSH and SFTP.
* RUMBA (Terminal Emulator)
* Line Mode Browser, a command line web browser
* NCSA Telnet
* TeraTerm
* SecureCRT from Van Dyke Software
* ZOC Terminal
* SyncTERM BBS terminal program supporting Telnet, SSHv2, RLogin, Serial, Windows, *nix, and Mac OS X platforms, X/Y/ZMODEM and various BBS terminal emulations
* Rtelnet is a SOCKS client version of Telnet, providing similar functionality of telnet to those hosts which are behind firewall and NAT.
* Inetutils includes a telnet client and server and is installed by default on many Linux distributions.
* telnet.exe command line utility included in default installation of many versions of Microsoft Windows.


In popular culture

Star Wars: Episode IV – A New Hope from 1977 has been recreated as a text art movie served through Telnet.


See also

* List of terminal emulators
* Banner grabbing
* Virtual terminal
* Reverse telnet
* HyTelnet
* Kermit
* SSH


External links


* Telnet Options, the official list of assigned option numbers at iana.org
* Telnet Interactions Described as a Sequence Diagram
* Telnet configuration
* Microsoft TechNet: Telnet commands
* TELNET: The Mother of All (Application) Protocols
* Troubleshoot Telnet Errors in Windows Operating System
* Contains a list of telnet addresses and list of telnet clients