Telnet/SSH Tim Jansen, Mike Stanislawski

TELNET is short for Terminal Network Enables the establishment of a connection to a remote system, so that the local terminal appears to be the terminal at the remote location. Usually establishes its connection on port 23

Local log-in Log-in is performed with a username and a password. Keystrokes accepted at the terminal driver and passed to the operating system. Operating system interprets the keystrokes and performs an action

Remote Log-in Terminal Driver accepts keystrokes and passes them to the TELNET client Client transforms characters to network virtual terminal (NVT) character and delivers them to TCP/IP protocol stack Passed online to the server’s TCP/IP stack and then to the TELNET server which deciphers the NVT characters The decoded characters are passed to a pseudoterminal driver because the Operating System is only designed to receive characters from a terminal driver.

NVT Uses two sets of characters one for data and the other for control Data characters are represented with the same 7 lowest-order bits as ASCII and the highest-order bit is 0. Control characters highest-order bit is 1

Embedding The same connection is used for sending both data and control characters. Control characters are embedded in the data stream. A control character is recognized by a preceding character of , this is the IAC (Interpret as control) character.

Options Options are extra features available to a user with a more sophisticated terminal. Simple terminals use default features. Option negotiation entails using four control characters, WILL, WONT, DO, DONT WILL is sent as a question “Will I enable the option? DO is sent as a request “Do enable the request” WONT is sent to say “I won’t use this option anymore” DONT is sent to say “Don’t use it anymore”

Modes Default Mode – used if no other modes are invoked. Character Mode – each character is sent to the server, but the server may delay sending back the information. Creates overhead because 3 TCP segments are sent per character. Line Mode – line editing is done by the client, and then sent as a whole line to the server.

Security TELNET is unencrypted, making it very easy to intercept. Most implementations have no authentication to ensure communication is carried out.

TELNET Today TELNET has in the past few years been overtaken by remote login It is still used in such ways as debugging network services.

SSH SSH is short for Secure Shell Unlike TELNET, SSH uses a form of encryption The encryption is public-key

SSH is also a remote login protocol It can be used for file transfer with SFTP or SCP Listens on standard TCP port 22

Uses of SSH For remote login Executing single lines on a remote host Copying files from a local server to a remote host As a secure alternative to FTP

Transport Layer Handles initial key exchange Sets up encryption and compression Also arranges for key re-exchange after an hour or 1GB is transferred.

User Authentication Layer Handles client authentication Password authentication Public key authentication And others

Connection Layer Defines channel requests Multiple channels can be hosted at once Direct-TCP/IP handles client-to-server forwarded connections Forwarded-TCP/IP handles server-to- client forwarded connections

Security Defends against –IP spoofing, where a remote host sends out packets which pretend to come from another, trusted host. Ssh even protects against a spoofer on the local network, who can pretend he is your router to the outside. –IP source routing, where a host can pretend that an IP packet comes from another, trusted host. DNS spoofing –DNS spoofing, where an attacker forges name server records

Security cont. Also protects against –Interception of cleartext passwords and other data by intermediate hosts –Manipulation of data by people in control of intermediate hosts In short, SSH trusts nothing SSH is secure assuming the option of encryption “none” is not chosen