Remote Login with Telnet

Now everyone can work anywhere — Part1/3

Introduction

An office I can call home

But with all the make-ups to put on before going on-air; to the artisan coffee I need to sip before I am human again, plus the commute time to work; I normally arrived at the office 1–2 hours late. But is that really all my fault? — If my office is also my home; then I will always be on-time, because it only take 10 seconds for me to move from my bed to my desk.

Now the question is can we be afforded with such a luxury, especially most of the equipments, services and infrastructure we need to work in full productivity are housed in the office?

Well, with the recent pandemic that strikes us; it has opened up many new ways for working from home. We are doing things we never thought possible; for example, you are now learning about remote login right on medium.com. To access some services that are hosted in the office premise or in the company’s private networks — REMOTE login is one quick way to get us in to these physical servers that are far way from our home (remote location). In this story, we will explore how remote login works using Telnet as the example protocols.

Intuition of remote login

Let’s take a look at an example of remote login using Telnet. Here, Avocado want to access the Data Server. Assuming that the server is pre-configured with Telnet access.

Avocado is working from home in Penang. He is connecting to the server located in the office using remote login during MCO.

Avocado can use command prompt or putty.exe to remote connect to the server given the IP address of the server. In this example, the server has a fixed IP address of 192.168.209.244.

Here’s one way to ‘telnet’ into the server. Using putty.exe, we simply specify the target server IP and choose the ‘telnet’ option.

Putty.exe is a popular choice for remote login using TELNET and SSH

After initiating a connection, the Telnet server will ask the user for authentication info. If Avocado is a legit user, he will be logged into the server to perform tasks through the command lines.

Telnet server asking for the login credentials during the authorisation. Telnet service is password protected. Each user is given unique username and password. However, the is no end to end encryption for Telnet connection. Telnet is vulnerable to MITM attacks.

After logging in, Avocado can perform some supported actions using Telnet’s command line. There is no UI support in Telnet. For example, if Avocado want to list all the files available on the server; he simply types ‘ls’ to show the list. The full list of Telnet command can be found here.

How Telnet works?

In Telnet, the client starts the connection request on TCP/23. When the server received the request, it replies with request for authentication message. The client then reply back with Telnet’s account name and password. These user credentials are sent in plain text. When the server received the login details, it then authenticate the authorised users to perform further actions on the server.

Setting up a remote connection from Telnet client →Telnet Server

A few fun facts on Telnet:

1. Telnet client is not enabled by default in Windows. User need to manually add TELNET using the ‘turn Windows features on or off’ option.

2. Telnet sends authentication details in plaintext. This made Telnet to be vulnerable to Man-in-the-Middle attacks. Using a network sniffer, an intruder can easily intercept the Telnet packets and check for the password since the payload is not encrypted.

3. Telnet client sends the username and password one character at a time. For example, if the username is ‘Dua’ and password is ‘123’. The client first sends ‘D’ to the server; then the server reply the same ‘D’ back to the client. Afterwards, the client sends ‘U’ to the server; and the server send back ‘U’ to the client. The message exchange continues in this way, even for the password; until all the characters of the username and password are completely exchanged.

Here’s an intuitive video to show how TELNET actually works.

Behind The Scenes — How Telnet Works

Problems with Telnet

1. Make sure the Firewall on the client and on the server is not blocking TCP/23.

2. Make sure no access-control list is blocking TCP/23 on the network perimeters.

3. Make sure the username and password is correct. Note that when you are typing the password for Telnet on the console, the cursor will not move. This UI design can sometime caused confusion and user retyped some characters of the password.

4. Telnet server is not reachable at the moment; or is wrongly configured.

5. The IP address of the Telnet server is invalid; or wrongly entered.

6. Telnet is vulnerable to MITM attacks. The username, password and data sent on Telnet can be easily intercepted and recovered. This problem is resolved with SSH that encrypts the remote connections.

I’m just a little boy, lost in the tech world. But remember, love is a riddle, and life with tech is more amazing than ever