{"id":563116,"date":"2023-03-13T19:00:23","date_gmt":"2023-03-13T16:00:23","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/how-is-ssh-different-from-telnet\/"},"modified":"2023-03-13T19:00:23","modified_gmt":"2023-03-13T16:00:23","slug":"how-is-ssh-different-from-telnet","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/how-is-ssh-different-from-telnet\/","title":{"rendered":"#How Is SSH Different From Telnet?"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_84 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a2d5cc235a89\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a2d5cc235a89\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/how-is-ssh-different-from-telnet\/#%E2%80%9CHow_Is_SSH_Different_From_Telnet%E2%80%9D\" >&#8220;How Is SSH Different From Telnet?&#8221;<\/a><ul class='ez-toc-list-level-2' ><li class='ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/buradabiliyorum.com\/en\/how-is-ssh-different-from-telnet\/#TELNET_and_SSH_The_Origin_Story\" >TELNET and SSH: The Origin Story<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/buradabiliyorum.com\/en\/how-is-ssh-different-from-telnet\/#TELNET_Is_a_Plaintext_Security_Nightmare\" >TELNET Is a Plaintext Security Nightmare<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/buradabiliyorum.com\/en\/how-is-ssh-different-from-telnet\/#How_Is_SSH_Different_From_TELNET\" >How Is SSH Different From TELNET?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/buradabiliyorum.com\/en\/how-is-ssh-different-from-telnet\/#SSH_Has_Had_Its_Problems_Too\" >SSH Has Had Its Problems, Too<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/buradabiliyorum.com\/en\/how-is-ssh-different-from-telnet\/#Should_You_Use_SSH_or_TELNET\" >Should You Use SSH or TELNET?<\/a><\/li><\/ul><\/li><\/ul><\/nav><\/div>\n<h1><span class=\"ez-toc-section\" id=\"%E2%80%9CHow_Is_SSH_Different_From_Telnet%E2%80%9D\"><\/span>&#8220;How Is SSH Different From Telnet?&#8221;<span class=\"ez-toc-section-end\"><\/span><\/h1>\n<div>\n<figure style=\"width: 1920px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"type:primaryImage size-full wp-image-878375\" data-pagespeed-no-defer=\"\" src=\"https:\/\/www.howtogeek.com\/wp-content\/uploads\/2023\/03\/sshtelnet.jpg?width=1198&amp;trim=1,1&amp;bg-color=000&amp;pad=1,1\" alt=\"Closeup of a computer screen with PuTTY configuration options visible.\" width=\"1920\" height=\"1080\"\/><figcaption class=\"wp-caption-text\"><span class=\"type:primaryImage imagecredit\">Jordan Gloor \/ How-To Geek<\/span><\/figcaption><\/figure>\n<p>TELNET doesn&#8217;t have any encryption, so everything is transmitted in plaintext. SSH is encrypted, so it is private and secure. That&#8217;s why SSH should be used in preference to TELNET.<\/p>\n<p>SSH and TELNET both let you connect to remote, networked computers and to use them as if you\u2019re sitting in front of them. So what\u2019s the difference between these two venerable protocols, and is there really always an advantage to using SSH over TELNET?<\/p>\n<h2 role=\"heading\" aria-level=\"2\"><span class=\"ez-toc-section\" id=\"TELNET_and_SSH_The_Origin_Story\"><\/span>TELNET and SSH: The Origin Story<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Necessity is the mother of invention. System administrators needed a way to access and manage computers that were physically located elsewhere. If it was impractical or inconvenient for the administrator to position themselves in front of the computer, they needed a way to access the remote computer that allowed them to issue commands just as if they were typing them into that computer.<\/p>\n<p><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/Telnet\">TELNET<\/a>, short for\u00a0<strong>tel<\/strong>etype over\u00a0<strong>net<\/strong>work protocol, was developed in 1969 as the answer to that problem. As long as the remote computer was network accessible, it allowed the administrator, or any other authorized person, to connect to it and use it as if they were physically pressing the keys of the remote keyboard.<\/p>\n<p>SSH was created much later\u2014in 1995\u2014as a direct response to Telnet and other similar solutions. The necessity this time was security.\u00a0TELNET,\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/Berkeley_r-commands\">rlogin<\/a>,\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/File_Transfer_Protocol#Security\">FTP<\/a>, and other protocols of that era were designed without any consideration to, or perceived need for, security.<\/p>\n<p>SSH stands for\u00a0<strong>s<\/strong>ecure\u00a0<strong>sh<\/strong>ell, so you can see that security was a guiding principle from its inception. Nowadays, SSH has almost entirely replaced TELNET.<\/p>\n<h2 role=\"heading\" aria-level=\"2\"><span class=\"ez-toc-section\" id=\"TELNET_Is_a_Plaintext_Security_Nightmare\"><\/span>TELNET Is a Plaintext Security Nightmare<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>The big problem with TELNET is it uses plaintext. It doesn\u2019t encrypt any of its traffic, including user names and passwords. Anything it transmits along the network can be captured by packet sniffing and read, with the greatest of ease.\u00a0This is a security risk even on a local network, unless you\u2019re the only user. Any user can intercept TELNET traffic and obtain login credentials to which they have no right.<\/p>\n<p>If the remote computer is off-site, requiring a connection to be made across the internet to reach it, the problem is magnified immeasurably.\u00a0TELNET was a product of its time, and to be fair to them, the authors almost certainly didn\u2019t expect people to be using it well over fifty years later, in today\u2019s vastly different IT landscape.<\/p>\n<p>While TELNET deserves its place on the list of important programs that collectively helped bring us to where we are today, it\u2019s not something that we should still be using in today\u2019s world.<\/p>\n<h2 role=\"heading\" aria-level=\"2\"><span class=\"ez-toc-section\" id=\"How_Is_SSH_Different_From_TELNET\"><\/span>How Is SSH Different From TELNET?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>On the face of it, TELNET and SSH are two answers to the same problem. They both let you access a terminal window on a remote computer and issue commands to it. But because SSH was developed so much later than TELNET, the problem was more thoroughly understood, and the answer was better engineered.<\/p>\n<p>TELNET was designed with\u00a0<em>private<\/em>\u00a0networks in mind, but SSH was designed to cope with <em>public<\/em>\u00a0networks, and the need to maintain privacy and security when transferring data and making remote connections.<\/p>\n<p>TELNET uses port 23 and that port number can\u2019t be changed. By default, SSH uses port 22, but this can be configured and changed. Configuring SSH to use an unobvious port number makes it harder for attackers to identify the SSH port. If SSH port can be identified, it\u2019s a trivial matter to mount a brute-force attack where thousands of passwords harvested from data breaches are tried in turn, by automated software.<\/p>\n<p>Even better, SSH can dispense with passwords altogether.\u00a0It can use public key encryption\u00a0to authenticate to remote computers. Passwords are never transmitted at all, because there\u2019s no need to send them to the remote computer. Its data encryption and SSH key authentication mean SSH is able to deliver secure connections and communications over insecure networks like the internet.<\/p>\n<p>In fact, SSH can be used to authenticate with different services, not just remote computers running an SSH server. For example, you can access the <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/docs.github.com\/en\/authentication\/connecting-to-github-with-ssh\">GitHub<\/a>,\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/docs.gitlab.com\/ee\/user\/ssh.html\">GitLab<\/a>, and\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/support.atlassian.com\/bitbucket-cloud\/docs\/configure-ssh-and-two-step-verification\/\">BitBucket<\/a>\u00a0hosted Git repositories using SSH instead of passwords.<\/p>\n<p>Another advantage to using SSH over TELNET is that SSH can do reverse SSH tunneling. This requires the server to establish a connection with the client computer. Until the local user wants to make a connection to the server, the connection is ignored.<\/p>\n<p>When the client wants to connect to the server, the user establishes an SSH connection to their own computer. SSH sends the connection down the already established connection, to the server. This provides a private tunnel inside the already encrypted connection from the server to the client.<\/p>\n<p>The only win for TELNET is it uses less bandwidth. But this isn\u2019t 1969 where bandwidth was scarce, and SSH isn\u2019t exactly a bandwidth hog either.<\/p>\n<h2 role=\"heading\" aria-level=\"2\"><span class=\"ez-toc-section\" id=\"SSH_Has_Had_Its_Problems_Too\"><\/span>SSH Has Had Its Problems, Too<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Although SSH outdoes TELNET when it comes to security, we have to remember that it is still software, and software can have bugs. Those bugs can lead to vulnerabilities that can be exploited by cybercriminals. Also, encryption standards and algorithms change over time, and get superseded. Like all encryption-based software, as older versions of SSH age, they can become less secure. That\u2019s why it is important to make sure you are using the latest release of SSH.<\/p>\n<p>The version of SSH used in most Linux computers is OpenSSH, an implementation of SSH that builds upon the OpenSSL toolkit and libraries. In 2012, the OpenSSL library accidentally introduced a bug that allowed an attacker to request a response from the SSL server, and to specify how much data to contain in the answer.<\/p>\n<p>They could requests a response of (say) 64KB when the actual response would have needed no more than 64 bytes. The first sequence of bytes in that data would be the genuine, expected response, followed by whatever h<a href=\"https:\/\/buradabiliyorum.com\/en\/category\/download-scripts-themes-apps\/\" data-internallinksmanager029f6b8e52c=\"9\" title=\"Download Scripts &amp; Themes &amp; Apps\" target=\"_blank\" rel=\"noopener\">app<\/a>ened to be in the memory recently used by OpenSSL. What was contained in that data was pot luck, but it could contain sensitive information such as session cookies and passwords, or other information that allowed an attacker to acquire private keys, for example.<\/p>\n<p>Once it was discovered, in 2014, the vulnerability became known as\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/Heartbleed\">Heartbleed<\/a>. It was quickly fixed in the software. However the vulnerability doesn\u2019t disappear at that point. The vulnerability is only completely nullified when all computers running the vulnerable software have the fixed version installed. In other words, when the computers have been <em>patched<\/em>. Because many administrators were slow to react, the uptake of the fixed software was slow.<\/p>\n<p>Also worrying is the two years between 2012 when the bug was introduced and 2014 when it was discovered, and addressed. For those two years, every SSH server running the vulnerable version of OpenSSL was at risk.<\/p>\n<p>To be fair, that happened practically a decade ago, and since then there have been many releases, improvements, bug fixes and code reviews.<\/p>\n<p><strong>RELATED:<\/strong> <strong><em>The Best Ways to Secure Your SSH Server<\/em><\/strong><\/p>\n<h2 role=\"heading\" aria-level=\"2\"><span class=\"ez-toc-section\" id=\"Should_You_Use_SSH_or_TELNET\"><\/span>Should You Use SSH or TELNET?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>It\u2019s hard to think of a reason you\u2019d need to use TELNET today. That\u2019s not the same as saying is there any scenario in which it\u2019s safe to use TELNET. In a self-contained network that isn\u2019t connected to the outside world, and you\u2019re sure no one is going to packet-sniff your traffic, you could use TELNET. But there\u2019s no reason to. The security trade-off can\u2019t be justified.<\/p>\n<p>SSH is more secure and more flexible\u2014that\u2019s the advantage to using SSH over TELNET. The OpenSSH implementation is free for all uses including commercial, and is available for all popular operating systems.<\/p>\n<p><strong>RELATED:<\/strong> <strong><em>How to Connect to an SSH Server from Windows, macOS, or Linux<\/em><\/strong><\/p>\n<\/div>\n<p><script>\n setTimeout(function(){\n  !function(f,b,e,v,n,t,s)\n  {if(f.fbq)return;n=f.fbq=function(){n.callMethod?\n  n.callMethod.apply(n,arguments):n.queue.push(arguments)};\n  if(!f._fbq)f._fbq=n;n.push=n;n.loaded=!0;n.version='2.0';\n  n.queue=[];t=b.createElement(e);t.async=!0;\n  t.src=v;s=b.getElementsByTagName(e)[0];\n  s.parentNode.insertBefore(t,s) } (window, document,'script',\n  'https:\/\/connect.facebook.net\/en_US\/fbevents.js');\n   fbq('init', '335401813750447');\n   fbq('track', 'PageView');\n  },3000);\n<\/script><\/p>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more like this article, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/technology\/\" target=\"_blank\" rel=\"noopener\">Technology category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/www.howtogeek.com\/876269\/how-is-ssh-different-from-telnet\/\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8220;How Is SSH Different From Telnet?&#8221; Jordan Gloor \/ How-To Geek TELNET doesn&#8217;t have any encryption, so everything is transmitted in plaintext. SSH is encrypted, so it is private and secure. That&#8217;s why SSH should be used in preference to TELNET. SSH and TELNET both let you connect to remote, networked computers and to use&#8230;<\/p>\n","protected":false},"author":1,"featured_media":563117,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.howtogeek.com\/wp-content\/uploads\/2023\/03\/sshtelnet.jpg?height=200p&trim=2,2,2,2","fifu_image_alt":"","footnotes":""},"categories":[18],"tags":[],"class_list":["post-563116","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/563116","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=563116"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/563116\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/563117"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=563116"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=563116"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=563116"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}