paint-brush
What is the Difference between Telnet and SSH?by@jtruong
14,208 reads
14,208 reads

What is the Difference between Telnet and SSH?

by Jessica TruongOctober 1st, 2021
Read on Terminal Reader
Read this story w/o Javascript

Too Long; Didn't Read

Telnet is a TCP/IP protocol that allows a user to establish a remote connection to a system in a way that makes it appear as a local system via the command line. SSH is an open-source network protocol used to access and manage devices remotely via a program. Telnet sends data including usernames and passwords over the network in plain text making it highly vulnerable to man in the middle attacks. SSH was developed to resolve these issues and more.
featured image - What is the Difference between Telnet and SSH?
Jessica Truong HackerNoon profile picture

Telnet and SSH are network protocols used to remotely access and manage systems. Although both tools are similar, there are some differences with each protocol as you will learn throughout this article. You will also learn the key difference between the two protocols.

Table of Contents:

  1. What is Telnet? 
  2. What is SSH?
  3. What is the Key Difference Between Telnet and SSH?
  4. Final Thoughts: Difference Between Telnet and SSH

What is Telnet?

Telnet, which stands for Telecommunications and Networks, is a TCP/IP protocol that allows a user to establish a remote connection to a system in a way that makes it appear as a local system via the command line. This protocol is typically used by network administrators to access and manage devices remotely. Telnet only supports known port numbers and not dynamic ports.

How Does Telnet Work?

You can remotely connect to a server by entering the following Telnet into the command line:

telnet hostname (Note: you may also use an IP address instead of the hostname)

Once connected to the server, you can execute commands on the server using specific Telnet commands. 

Operation 

Telnet uses TCP port 23 and operates best with LANs (local area networks)

Authentication

Telnet sends data including usernames and passwords over the network in plain text making it highly vulnerable. It is possible to add security to Telnet such as using Kerberos which would aid with authentication and encryption.

Suitability of Network

Telnet works with a private network. 

Vulnerabilities

Since Telnet transmits data in clear text, it is vulnerable to man-in-the-middle attacks allowing hackers to retrieve the username and passwords of admin accounts and read the data that is being transmitted over the network. Obtaining these credentials allows hackers to gain access to admin accounts which would give them more access to do whatever they want.  

Due to the many vulnerabilities that Telnet faces, with packet sniffing being one of them, SSH was developed to resolve these issues and more. 

When Should We Use Telnet?

Since Telnet is not secure and sends data in clear text, it is rarely used today, however, there are two cases when it may be recommended to use Telnet instead of SSH:

  • If you are working with devices that do not support SSH
  • When you work on a trusted network (LAN) that is not connected to the Internet

What is SSH? 

SSH, which stands for Secure Shell, is an open-source network protocol used to access and manage devices remotely via a program. It helps you log into another system over a network and allows you to execute commands in the remote system. Once logged in, you also have the ability to move files from one system to another, and deliver software updates and patches to multiple systems. 

How Does SSH Work? 

You can connect to a remote server with the following command:

ssh [email protected] (Note: Replace SSHserver.example.com with the appropriate hostname or IP address)

This command will attempt to connect to the server named server.example.com using the user, username. Note that if it is the first time you are connecting with the server, the remote host’s public key fingerprint will be shown and will ask if you want to establish a connection. The screenshot below is an example of the prompt that will appear on your screen if it's the first time establishing a connection with the server.

You can either type out the word yes or hit the enter key on your keyboard to initiate the session. After you answer the prompt, you now have access to the server.

Operation

SSH uses TCP port 22 by default but you can change the port number.

Authentication

There are two ways to authenticate with SSH:

  1. Username and password 
  2. Public/private key pair

    SSH uses encryption, specifically public key encryption meaning it uses two separate keys: a public key and a private key. When data is encrypted with the public key, it can only be decrypted with a private key and vice versa. 

Suitability of Network

SSH works with a public network.

Vulnerabilities

SSH are vulnerable to brute force/dictionary attacks as hackers and here is what can be done to prevent such attacks:

  1. Disable SSH when it is not in use
  2. Disabling root access is a good security practice which means you should log in as a non-privilege user and escalate privileges as needed

When and Why Should We Use SSH?

SSH is very secure and should therefore be used whenever you want to connect to a remote system. SSH protects user identities, passwords, and data from any snooping attacks and ensures confidentiality and anonymity on unsecured networks. 

What is the Key Difference Between Telnet and SSH? 

The key difference between Telnet and SSH is that SSH uses encryption meaning all data transmitted over the network is protected from eavesdropping. This makes it extremely difficult for hackers to decrypt and read the data being exchanged between the client and server.

Final Thoughts: Difference between Telnet and SSH

Although Telnet and SSH are both network protocols that can be used to access and manage devices remotely, the SSH protocol is the better option. I hope that you now have a better understanding of what Telnet and SSH are. It is important to remember that the major difference between Telnet and SSH is that SSH encrypts traffic in both directions, meaning all data including usernames and passwords.