Which Client Software Is Better for Telnet and SSH?
You could access a server in another place as easily as you could while you were sitting right at the keyboard by using Telnet and SSH. Various Telnet clients and SSH clients running Telnet and SSH protocol can help access the Telnet server and SSH server to execute configuration and management remotely.
Telnet and SSH (Secure Shell) are two network protocols used to connect to remote servers in order to facilitate some sort of communications. They enable network administrators to remotely access and manage a device. So both of them are considered as terminal emulators. Still, they possess some different features. Telnet vs SSH: what are the differences? And among multiple Telnet clients and SSH clients, such as PuTTY, SecureCRT, which should you choose? Or how to access Telnet and SSH on computing platforms. This post tells the answers.
Telnet vs SSH: What Are the Differences?
The key difference between Telnet and SSH lies in security. SSH offers security mechanisms that protect the users against anyone with malicious intent, thus establishing a secure connection between two remote hosts over the Internet, while Telnet has not security measures whatsoever. More specifically, SSH uses an encrypted format to transfer data among computers so that the encrypted mechanism provides confidentiality and integrity of data being exchanged. Moreover, SSH uses public key cryptography for authentication of the remote system, which means that instead of just using a username and password, the two systems exchange secret keys that positively identify each system, and ensure that only the intended system can read the communications between them.
Figure 1: SSH ensures more secure packets of data transfer
In contrast, Telnet uses no authentication mechanisms, and exchanges data in plain text, so it’s not suitable for sending confidential data like username and password using this protocol, as anyone can read the text being exchanged and can intercept the messages easily. Yet both the two use TCP (Transmission Control Protocol) standard with Telnet default port is 23 and SSH default port is 22.
Figure 2: Telnet with no authentication, can be intercepted easily by hackers
Another point to mention about SSH is that each packet contains less data to make room for the data of the security mechanisms. Hence, a lot more bandwidth would be taken up when using SSH to transmit the same amount of data. This is called overhead and when Internet speeds were very low, it’s a major issue, and translates to a performance hit. In general, considering the security available in each protocol, SSH is widely used in public networks for remote login systems and for executing remote commands due to its high security, whereas Telnet is suitable only for private networks.
Telnet Client & SSH Client Comparison
As stated above, both Telnet and SSH allow users to communicate with remote devices. To use Telnet or SSH, you must have a software installed—Telnet client or SSH client running over Telnet or SSH protocol. And on the remote device, a Telnet server or an SSH server must be installed and running. (P.S. Telnet is built in and enabled by default in most windows operating systems). Multiple Telnet clients and SSH clients are available. According to Wikipedia, some of those Telnet clients and SSH clients are listed in the following table.
PuTTY, free, open-source, for Windows, Linux and Unix. AbsoluteTelnet for Windows, also supports SSH. RUMBA (Terminal Emulator) NCSA Telnet TeraTerm SecureCRT from VanDyke Software ZOC Terminal
PuTTY, free, open-source, for Windows, Linux and Unix. AbsoluteTelnet for Windows, also supports SSH. OpenSSH SecureCRT from VanDyke Software SSH Secure Shell Client SunSSH Xshell
Comparison of Telnet Clients—Free or Commercial
What is the best Telnet client? Opinions vary. Someone thinks SecureCRT is the best client, while others may go to TeraTerm. Like SSH clients, Telnet clients can also be divided into free Telnet clients and commercial Telnet clients.
TeraTerm is an open source, free software implemented, terminal emulator program. It’s one of the most popular Windows terminal programs. It’s simple to use. In addition to standard terminal emulator functionality, Teraterm has macro language which allows to automate login to most frequently used servers. Unfortunately few people understand this very important and productivity enhancing (especially for sysadmins) feature of Teraterm.
SecureCRT is a commercial SSH and Telnet client and terminal emulator by VanDyke software. SecureCRT client for Windows, Mac and Linux provides rock-solid terminal emulation for computing professionals, raising productivity with advanced session management and a host of ways to save time and streamline repetitive tasks. SecureCRT provides secure remote access, file transfer, and data tunneling for everyone in your organization. Whether you are replacing Telnet or Terminal, or need a more capable secure remote access tool, SecureCRT is an application you can live in all day long. With the solid security of SSH, extensive session management, and advanced scripting, SecureCRT will help raise your productivity to the nth degree.
Figure 3: Use SecureCRT to establish remote connection
Comparison of SSH Clients—Free or Commercial
With various SSH clients, which is the best SSH client for Windows? Generally speaking, there are free SSH clients and commercial SSH clients. Here takes PuTTY and Tectia SSH for example to demonstrate the differences between free SSH clients and commercial SSH clients.
For the free and open source SSH clients, PuTTY is probably the most popular SSH client for Windows. It has good terminal emulation, good configurability, and good support for different cryptographic algorithms. It also supports public key authentication and Kerberos single-sign-on. A major shortcoming of PuTTY is that it does not have integrated file transfers in the client itself. Instead, file transfers have to be done via the command line. This is too complicated for most users. Moreover, PuTTY does not come with an SSH server. It can be used with Linux OpenSSH.
Figure 4: The most popular SSH client—PuTTY
For commercial SSH clients, Tectia SSH is commercially supported SSH client for enterprise, with 24x4 support. Tectia SSH secures remote system administration, provides encrypted file transfers, and enables secure system automation. On Windows, Tectia SSH supports both file transfers and command line access. Command line access is very useful for remote administration of Windows servers in data centers, across firewalls, and for scripting administrative actions. Tectia SSH client is used by many enterprises for system administration and for running legacy text-based applications.
Kind reminder: which SSH/Telnet to use depends on your requirements. The one fitting your network would be the best. If you can’t decide which secure shell or telnet client to use, start with PuTTY.
Network Switch Telnet/SSH Configuration Guide
A network switch, as a Telnet server or an SSH server, can connect to multiple Telnet or SSH clients. Telnet clients are typically LAN users, while SSH clients can be both LAN users and WAN users. How to access a network switch remotely and configure it over Telnet and SSH?
How to Configure a Network Switch Remotely Over Telnet Client Software?
A Telnet session lets you access a network switch remotely using the default port 23. Entering Telnet followed by the switch IP address can establish a Telnet session connection.
switch# telnet 10.17.37.157
If the switch is active and the Telnet service is enabled on it, a display like the following will appear.
Connected to 10.17.37.157.
Escape character is '^]'.
Network OS (sw0)
You can log in normally, once you have established the Telnet connection.
How to Configure a Network Switch Remotely Over SSH Client Software?
In order to establish SSH connection successfully, please pay attention to the following points:
Create the connection between SSH client and SSH server. The version of SSH client and SSH server should be the same. The key matched. SSH function in server should be enabled.
You can use the SSH command to connect a remote server and open a shell session there. The simplest form assumes that your username on your local machine is the same as that on the remote server. If this is true, you can connect using:
If your username is different on the remote server, you need to pass the remote user’s name like this:
Your first time connecting to a new host, you will see a message that looks like this:
The authenticity of host '188.8.131.52 (184.108.40.206)' can't be established.
ECDSA key fingerprint is fd:fd:d4:f9:77:fe:73:84:e1:55:00:ad:d6:6d:22:fe.
Are you sure you want to continue connecting (yes/no)? yes
Type “yes” to accept the authenticity of the remote host. If you are using password authentication, you will be prompted for the password for the remote account here. If you are using SSH keys, you will be prompted for your private key’s passphrase if one is set, otherwise you will be logged in automatically.
When configuring SSH on a network switch, one of the steps will be to create a public/private SSH key which your SSH client will use to authenticate the switch when your connect. Each switch will have its own SSH key. It is recommended you save and install this key to whatever client you’re using to prevent man-in-the-middle attacks. In general, you can configure a remote network switch over SSH by these three steps: enable SSH, display SSH configuration to ensure the keyfile can be used, open SSH client in PC and log in switch.
How to Configure a Network Switch Remotely Over Telnet Default by Windows?
The two methods above use Telnet client software or SSH client software to achieve the remote access to a network switch. Besides those two methods, you can also configure a network switch remotely using Telnet default by Windows which is already installed and ready to use for most Windows systems. Here takes FS.COM S3800-48T4S network switch as an example.
First, press the Windows key and R to open the run box, and enter “CMD”. Second, Telnet 192.168.100.38, and then press Enter key. Third, If the username and password have been set up previously, it would display like Figure 5, enter the password and then it would display like Figure 6. If haven’t set up a username and password, it would display like Figure 6 directly.
Figure 5: Enter username and password
Figure 6: Remote switch parameters
Moreover, for FS.COM network switches, you can also access the network switch remotely and configure it over Telnet using various Telnet software clients but with the same display, or over SSH using various SSH software clients with the same display.
Telnet sends all packets of data through IP networks as clear text, which includes the username and password. In most cases, it can be a potential security risk that is very easy to abuse. When using Telnet for monitoring switches or routers, you must have in mind the security risk behind Telnet connection to the device. SSH is more secure by using encryption of data packets that are crossing the network. No matter Telnet or SSH, they actually do the same thing—access the command line of an operating system from wherever you are over the network.