[HN Gopher] Still Love Telnet
___________________________________________________________________
Still Love Telnet
Author : wannacboatmovie
Score : 109 points
Date : 2023-06-03 19:41 UTC (3 hours ago)
(HTM) web link (bash-prompt.net)
(TXT) w3m dump (bash-prompt.net)
| nologic01 wrote:
| Ok, that brought memories. Now back to the future and a post
| about Gopher.
| kune wrote:
| Why telnet, if you have `$ echo foo >/dev/tcp/localhost/8080`-
| nico wrote:
| In college, wow 23 years ago now, my school still had a Telnet
| interface for students to apply for spots in the classes they
| wanted for the following semester
|
| It was quickly replaced by a web interface, which I promptly
| hacked to be able to take whatever classes I wanted with priority
| over everyone else, fun times
|
| In case you are wondering, I let the admins know and they hired
| me to help them fix it
|
| Still use Telnet on a regular basis to test connectivity to web
| servers or other services
|
| Love connecting to port 80 and then typing:
|
| HEAD / HTTP 1.0\n\n
|
| It's amazing to manually "talk" the protocol that browsers use to
| communicate with web servers
| floren wrote:
| During my time at RIT, 2005-2010, you could apply for classes
| via a web interface, but if you wanted to _actually_ get the
| good spots, you 'd use the telnet interface.
|
| Specifically, you'd connect to a cluster of VMS machines (some
| VAXes, some Alphas) which had a text interface to the
| (reputedly) off-campus mainframe which did registration. I
| recall that "vaxa" was usually the most crowded because it was
| always listed first, but if you got on one of the Alpha systems
| it was more responsive.
|
| Everyone insisted that you MUST use telnet, not ssh (although
| ssh was enabled) because having hundreds of students logged
| onto each VAX was enough load already without introducing
| cryptography. If I remember right, you could get a list of who
| was logged in which indicated if they came in via telnet or
| SSH, and people did get shamed for using SSH.
| aim4min wrote:
| Ahh! Thanks for a trip down memory lane. RIT 98-03.
| Registration was intense!! ;)
| [deleted]
| forgotmypw17 wrote:
| I agree, and about human-accessible protocols in general, like
| HTTP and IRC.
| kstrauser wrote:
| My fingers type "telnet" themselves out of muscle memory, but is
| it actually better for anything than netcat?
| bdowling wrote:
| Short version:
|
| Telnet better supports interactive terminal applications by
| exchanging info like the TERM environment setting, screen size,
| translation codes, etc.
|
| Netcat doesn't do any of that, but is simpler and better suited
| for sending or receiving binary data. It also has features that
| telnet doesn't, like listening for incoming TCP connections and
| sending and receiving on UDP ports.
| belter wrote:
| Neat NCAT Tricks:
|
| https://nmap.org/ncat/guide/ncat-tricks.html
|
| https://nmap.org/ncat/guide/ncat-simple-services.html
|
| https://nmap.org/ncat/guide/ncat-broker.html
| oldstrangers wrote:
| I used telnet as a child to pretend I was a hacker. Then I used
| telnet as a child to actually hack into things. So much fun.
|
| And wardialing... Boy did I love wardialing.
| spicyusername wrote:
| netcat is what all the cool kids use these days.
| [deleted]
| idorosen wrote:
| The author is confused. They seem to have misspelled netcat.
| ("nc" on most distros.)
| yafbum wrote:
| Based on the contents, there's a typo... It should read "still
| love netcat"
| applied_heat wrote:
| I used to use it for sending test emails via smtp when
| troubleshooting other clients struggling to send
| hinkley wrote:
| Long, long ago in a galaxy far, far away, I used it to debug
| browser parsing issues.
|
| Curl has been around for ages, but not for the entire WWW age.
| chasil wrote:
| Netcat is really a cleaner solution from this perspective.
|
| Netcat, combined with the openssl utility, can do some amazing
| things with moving files over SMTP. I can post my favorite
| hand-rolled script if there is interest. I boiled it out of
| mpack down to the shell.
| fragmede wrote:
| Over SMTP? I'm interested!
| chasil wrote:
| I hope that you like it!
| yjftsjthsd-h wrote:
| > Netcat, combined with the openssl utility
|
| At that point, wouldn't it be easier to just use socat?
| pmontra wrote:
| Please, post it or post an URL to the script.
| chasil wrote:
| Here is the script. This is like FTP/scp to an inbox.
| Remove the two leading spaces that HN needs in quoting code
| blocks.
|
| This uses OpenSSL to a) send a base64-encoded MD5 hash of
| each file in the headers, then b) base64-encode the file
| itself. There is also an OpenSSL "smime" applet, but I
| really don't know what it does.
|
| The netcat is going to send this over cleartext; use
| OpenSSL s_client (or maybe "nc -ssl" if your netcat
| supports it) if cleartext is a problem.
|
| This is written in dash, so it should run in most POSIX-
| compliant shells. Note that local variables are not POSIX-
| compliant; for a true POSIX shell, change the shell
| function to "mimer () ( ...body ...)" to force a subshell.
|
| Shellcheck doesn't like printf formats done like this, but
| you can't please everybody.
|
| This also works in Windows with ports of OpenSSL and
| busybox, btw. $ cat mimer #!/bin/dash
| mimer () { local f \
| SMTP='smtp.yourco.com' \ BOUND="$(openssl rand
| -base64 21 | sed 's@[/+=]@_@g')" \ SFORMAT='helo
| %s mail from:%s rcpt to:%s data
| Mime-Version: 1.0 Subject: %s Content-Type:
| multipart/mixed; boundary="%s" This is a MIME
| encoded message. ' \ MFORMAT='%s
| Content-Type: application/octet-stream; name="%s"
| Content-Transfer-Encoding: base64 Content-
| Disposition: attachment; filename="%s" Content-MD5:
| %s ' { printf "$SFORMAT"
| "$HOSTNAME" "$2" "$1" "$3" "$BOUND" shift 3
| while [ -n "$1" ] do f=${1##*/}
| printf "$MFORMAT" "--$BOUND" "$f" "$f" \
| "$(openssl dgst -md5 -binary < "$1" | openssl base64)"
| # base64 < "$1" openssl base64 -in "$1"
| echo shift done
| printf '%s--\n.\nquit\n' "--$BOUND" } | sed -e
| 's/$/\r/' | nc "$SMTP" 25 } [ -z "$4" ] &&
| { echo mimer to from subject file1 '[file2]' ...; exit; }
| mimer "$@"
| reaperducer wrote:
| Just last week I set up a telnet connection to give a piece of
| legacy hardware access to the rest of the world.
|
| Better than throwing an old computer in the garbage.
|
| People act like if you're not connecting through SSH that you'll
| magically set the internet on fire.
|
| Not every connection needs to be secure. I don't care if hackers
| see me reading Radio France International.
| sigjuice wrote:
| But surely you would care if ads or other junk is getting
| injected into whatever you are reading?
| applied_heat wrote:
| Ads are already injected in just about everything I read,
| except for here
| qawwads wrote:
| People insist on ssh being the secure option then go on to
| write confidential informations on Google Doc, then copy-paste
| it in Google Translate for translation and ChatGPT to get a
| summary, then mail everything using webmail.
| chasil wrote:
| > "For the purposes of logging into a remote server, you should
| never, and probably have never considered it."
|
| This is not true when the client and server have both implemented
| Wireguard.
|
| With Wireguard in place, it is safe to return to legacy telnet,
| ftp, and rsh. The use of rcp still remains problematic, for the
| same reasons that scp is deprecated.
|
| It is not best practice to return and rely on these legacy
| protocols, as they are bad habits and are vulnerable when
| Wireguard (or equivalent protections at a lower level in the
| network stack) are in place.
| wkat4242 wrote:
| Well I used telnet before ssh was even a thing. It wasn't that
| weird back then and most internet systems were multi user where
| the common man didn't have root permissions. Thus so sniffing
| rights.
|
| In those days we also still used 10base2 so there wasn't even a
| switch involved. Every system could see each other's traffic. X
| terminals didn't have xauth in the beginning so anyone could
| connect to your terminal and screen grab or pop up pictures
| (something I did regularly for practical jokes)
|
| On the one hand it's kinda crazy not many bad things happened
| back then. On the other, not too much important stuff was
| online in those days. And only a handful knew how it worked.
|
| But yeah telnet and rlogin (authentication simply by having the
| right IP!!) were the tool for the job for many years believe it
| or not.
|
| /GrandpaMode
| mixmastamyk wrote:
| Not a good idea for cleartext even on a network you trust.
| Maybe one node, but why start bad habits?
| chasil wrote:
| Wireguard will encapsulate all your traffic inside UDP
| packets encrypted with chacha20-poly1305.
|
| Networking between two Wireguard hosts will never see TCP on
| the wire.
|
| Bad habits are OK with this in place.
| kstrauser wrote:
| SSH auth is way more convenient than telnet's
| username/password. That alone's enough for me to prefer SSH to
| telnet.
| fragmede wrote:
| Wait, why is scp deprecated?
| arp242 wrote:
| Only the protocol; the /bin/scp tool uses the sftp protocol
| by default now. You can just continue using it without fear.
| chasil wrote:
| The server can do bad things to you.
|
| https://lwn.net/Articles/835962/
|
| The author of PuTTY quietly set pscp to prefer the SFTP
| protocol for these reasons; OpenSSH stated their intention to
| do the same.
| quickthrower2 wrote:
| I don't understand that article. Those issues look easy to
| patch up? The first one has been. The second one seem like
| a case of not allowing the server to execute text sent by
| the client in the filename?
| chasil wrote:
| The original scp used rcp (as a protocol, or very close
| to it) inside of ssh.
|
| IIRC, wildcards are allowed, so the rcp server expands
| them.
|
| If the rcp server is malicious, it might slip an
| /etc/passed into its output, writing over the client.
| Very bad if the client is root.
|
| The original scp suffers the same problem. I'm not sure
| if this issue is entirely avoided if a fully-qualifed
| path is sent to the server (but I think so).
| pmontra wrote:
| Is this the CVE that makes scp insecure?
| https://bugzilla.redhat.com/show_bug.cgi?id=1860487
| arp242 wrote:
| Yes, but note this is only the scp protocol. The /bin/scp
| tool uses the sftp protocol by default now, and you can just
| continue using it without problems (if you ssh is new enough;
| check the manpage).
| riffic wrote:
| zero trust begs to differ. practicing defense in depth is
| almost always a better approach.
| slondr wrote:
| For corporate environments sure, for my home lab that seems
| like overkill
| jcrawfordor wrote:
| SSH is not overkill, it is the default. There are some
| narrow circumstances where you might have a good reason to
| use telnet in 2023, but they are edge cases related to
| legacy hardware and possibly occasionally the desire for
| easy on-path interception. It is very unlikely that you
| have a good reason to not just use SSH. Even if you care
| nothing about the security advantages, SSH has more
| consistent and better-defined behavior around 8-bit data,
| and offers far more features.
| riffic wrote:
| first of all, I do not see your home "lab" and anyone
| else's home LAN to be synonymous as a concept.
|
| Franky, do what you want in your lab.
|
| I would urge you or anyone else to assume there's already a
| compromised device on your home network.
| mobilio wrote:
| OR when this is in home LAN without forwarded ports
| VadimPR wrote:
| Mudlet (https://mudlet.org) is a scriptable, with Lua, telnet
| client that's pretty solid. Supports secure telnet over TLS as
| well.
| jcrawfordor wrote:
| I think a lot of this type of affection for telnet is misplaced.
| The fact that telnet functions acceptably as an arbitrary TCP
| client is an unintentional side effect of the design, not its
| purpose. netcat is not only a more feature complete tool for
| simple network connections and diagnosis, it gives clearer and
| more helpful output on the state of the connection when used with
| the verbose flag.
|
| The telnet client and protocol offer various gotchas that can
| appear as mysterious problems when you use them for
| troubleshooting instead of netcat. For example, telnet is not
| 8-bit clean because of the fact that it was designed specifically
| as a protocol to carry 7-bit ASCII. RFC 856 seeks to address this
| and netkit telnet can be told to behave in RFC 856 mode using the
| -8 option, but there can be variations between clients in this
| regard, and virtually no one uses the -8 flag anyway. netkit
| (Linux) telnet without the -8 option will behave oddly whenever
| non-ASCII characters are encountered, as they will be interpreted
| as control codes in the telnet protocol.
|
| It is a bit ironic, in this regard, that people using telnet as a
| TCP client almost always seem to be using it to troubleshoot SMTP
| - another protocol which is, for historic reasons, not 8-bit
| clean without extra work!
|
| And that kind of gets at the biggest problem: telnet is _not_ an
| arbitrary TCP connection utility, it specifically implements the
| telnet protocol. The telnet protocol is very simple, but it is
| there, and common telnet clients will send unsolicited (by the
| user) bytes in various circumstances in order to perform the
| telnet protocol. This can break the state of other protocols when
| you use telnet as a TCP client.
|
| If you want a tool for network diagnosis or arbitrary
| connections, it is netcat. Telnet for this purpose is just a
| workaround that is becoming quite obsolete as fewer distributions
| include telnet by default (removing its primary advantage over
| netcat, that it is "already there"). Even bash's odd built-in TCP
| functionality is a better choice than telnet in a lot of these
| situations, as it's simpler and won't try to conform to the
| telnet protocol.
| NikolaNovak wrote:
| Part of it to be fair comes to telnet being ubiquitous. I've
| used any number of aix / hp-ux / solaris / Linux / windows /
| whatever systems over the decades, with limited or high
| privileges, and telnet was the one command that worked on all
| and could within 3 seconds and no fancy docs or knowledge and
| additional tools tell me the basics of what I needed to know.
| Are there better tools? Ab so freaking lutely. But telnet is
| there :-)
|
| My 100 Croatian lipa
| indigodaddy wrote:
| And if telnet is not there, then curl very often is, and one
| can usually then just do curl -v telnet://target:port
| II2II wrote:
| Twenty years ago, sure. Yet I every time I have the urge to
| use telnet on a modern system, I have to install it. You may
| as well install netcat if it is available (and if it is
| suitable to the task).
| smallnix wrote:
| Any good resource recommendation for a concise overview how to
| use netcat for connectivity debugging?
| gabereiser wrote:
| This is correct, telnet will send IAC codes (0x255) followed by
| two bytes. WILL, WONT, DO, DONT. If telnet encounters a IAC
| code, it will read the next two bytes or subcommand bytes
| hiding that from your output. Telnet should not be used for TCP
| debugging.
| chasil wrote:
| I use "telnet -8 -E" for our VAX (which runs on the Charon
| emulator).
|
| We have Multinet ssh, but not enough ram and sundry resources
| to support 300+ concurrent sessions.
|
| I have a container with TinySSH, with /etc/passwd accounts for
| each of our VAXes. These accounts are set to "exec telnet -8 -E
| (vaxhost)."
|
| We used to use the Reflections terminal emulator with an
| stunnel binary packaged with it. Reflections is now over $500
| per seat in licensing, and Rocket is under $100.
|
| Rocket terminal refuses to allow a self-signed cert, and
| instead of renewing certs every two years, we push a private
| key to all our VAX users with Rocket, that launch the telnet.
|
| Without the -8 option, the line-drawing characters don't render
| properly.
|
| There was quite a bit of trial and error in getting this right.
| klyrs wrote:
| It wasn't just for troubleshooting SMTP, it was also great for
| debugging HTTP when you were serving malformed headers causing
| your browser to explode. Is that technically the wrong
| solution? Okay, dad, but it was also my gaming platform at the
| time.
| senko wrote:
| telnet towel.blinkenlights.nl
|
| (yes, it works with netcatting to port 23, as no Telnet IAC codes
| are being used, but for me it will forever be a telnet show).
| trollied wrote:
| I guess telnet is going to make us oldies feel old. They don't
| teach it these days :)
| placesalt wrote:
| There's a jpl service kicking around that's on telnet and is fun
| to play with. Nothing requiring a password - it's published
| material, essentially a website, but in command line form.
| Presumably the anon account permissions would take some care to
| set up, but once that's done it's a good interface, I think.
| Twisol wrote:
| Horizons! https://ssd.jpl.nasa.gov/horizons/
|
| IIRC, the Telnet interface is _technically_ more fully-featured
| than the others, although that 's probably simply because it
| would have come into existence first.
| elliottkember wrote:
| The original version of Android, on the T-Mobile G1 / HTC Dream,
| had a bug where all characters were sent to the command line as
| root. I restarted my friend's phone, typed `telnetd` and was able
| to telnet into the phone. A surprising number of options were
| available over telnetd. I made a few calls!
| cbondurant wrote:
| To second the discussion everyone has about utilizing netcat
| instead I also want to point out that there is a tool on pretty
| much every linux machine ever that can perform netcat for SSL:
| `openssl s_client`. Ive used it on multiple occasions for toying
| with the HTTPS protocol and all of the features that only enable
| themselves when using a secure connection. It does just what
| netcat does, but initiates a secure SSL tunnel first.
| anthk wrote:
| MUDs are still fun. Altough I would love to have TTS support in
| Frotz and Flite.
| charcircuit wrote:
| Neither telnet nor ssh handle problems like your laptop going to
| sleep or changing networks. These are stale and it in due time
| that we move to something better.
| chasil wrote:
| I haven't used it, but mosh supposedly handles suspended
| sessions.
|
| Alternately, you can do the same with tmux or screen.
| kstrauser wrote:
| Mosh into a tmux session is dreamy. I can connect from my
| iPad to a remote server at home, carry it onto a bus and
| continue working, then carry to a coffee shop and finish what
| I was doing, all without ever having to reconnect.
| draxil wrote:
| ...but you should probably use netcat instead.
| ElongatedMusket wrote:
| Is there a tool that has incorporated everything mentioned in
| this article into a one-liner app/script and spits out all the
| server replies and a diagnosis guess?
|
| Not intending to build it myself, just curious if it exists!
___________________________________________________________________
(page generated 2023-06-03 23:00 UTC)