Telnet Vs SSH

For this tutorial i will be using a few Virtual machines with the Linux distro Kali as the OS. From this post you will learn why to use SSH over Telnet.

Telnet

First of all you will need to start the telnet daemon (telnetd) on the server using the following command as telnet is disabled by default.

/etc/init.d/rlinetd restart 

Now start a capture of the network interface on the telnet server using wireshark.

Next step is to connect to the server from another machine using telnet.

telnet <serverIP>

After connecting you will be prompted for a username. Now enter the server’s root username and enter the root password when prompted.

When you successfully login, stop the capture on wireshark and end the telnet session using the “exit” command.

Use “follow TCP streams” to view the capture of the session and you will notice something strange like below.

Do you see that the username and password is in clear text. This would mean anyone able to capture packets from or to your server could easily find and use the creditionals to do untold things with your server.

SSH

Now if SSH is not already running on your server use the following command to start it.

t/etc/init.d/ssh start

Like you did with telnet start an packet capture using wireshark.

Now log into the server using the following command.

ssh  <username>@<serverIP>

Now you will be prompted for the password of the user that you are logging it with. Enter the password and stop the capture on wireshark. End the SSH session using the “exit” command. Use “follow TCP streams” like you did previosly to view the capture of the session and compare it to the telnet session.

As you will see from the above screen shot no username or passwords are visible in the SSH session.

This is because SSH establishes a secure channel over an network whether that network be secure or not. There is different levels of secure you can configure for the SSH connection but the higher the security the slower the connection.