The macosxhints Forums


vfrpilot 03-13-2003 06:46 PM

How to Telnet to web server?
 
Hi guys -
I know nothing about unix - but unless I want to use old apps under classic for Telnet - I guess I need to learn the basics.

I'm a webmaster, and telnet into my (virtual) server for one purpose only - and that's to create my new directories when I sign on a new client - (10 times in the last year & 1/2). I've always used the necessary third party shareware apps for this & have had no problems. I know I can now use Terminal for this, right? I've been using the Mac since system 7 up but have no Unix knowledge.

Can someone give me the basic instructions to simply log into my server - I'm good from there on. I just need to connect.

And then, yes.. I'll hit the books and try to learn this wonderful language of unix.

Thanks in advance for any assistance.

QuickSilver G4/512/10.2.4 w/pci card & external secondary burner

xchanyazy 03-13-2003 10:56 PM

Well, when you go to study, type in man telnet in the terminal.

If you just want to log in, then type telnet -l username servername

You should then be prompted for your password. Poof, you're in.

EDIT: That's a lowercase L after telnet..

mervTormel 03-13-2003 11:21 PM

understand that telnet is an open, insecure protocol.

you should try to wean yourself from telnet and study up on ssh, the secure shell protocol.

it's got a lot of features and options that may seem overwhelming in the man pages, but for basic remote login, it's pretty easy to implement and use in OSX 10.2.x

vfrpilot 03-13-2003 11:35 PM

Tried what you said - typed in "telnet -l (my login) (my server)"

this (below) is what I got:

Connected to (my server)
Escape character is '^]'.
dyld: telnet Undefined symbols:
telnet undefined reference to _tgetent expected to be defined in /usr/lib/libSystem.B.dylib
Trace/BPT trap


Thanks,
--Frank

macubergeek 03-14-2003 11:58 AM

use ssh
 
please please please don't use telnet

it is insecure.
your username and password are passed in the clear...can be intercepted.

use ssh

ie:
ssh -l username ipofwebserver -p 22
or:
ssh username@ipofwebserver

The first time you do this you'll be asked a question:
The authenticity of host "blah blah blah" can't be established.
Are you sure you want to continue connecting (yes/no)?

answer yes to this question.
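
Added example, not part of the post above: the first-connect prompt also prints the host key's fingerprint, and that is the value to compare against one obtained from the hosting provider through another channel before answering yes. This Python code computes the fingerprints OpenSSH prints (SHA256, and the older MD5 hex form) from a public key line; the key is constructed for the example and `www.example.com` is a placeholder.

```python
import base64
import hashlib
import hmac
import struct


def make_sample_key_line() -> str:
    """Constructed ed25519 public key line (not any real server's key)."""
    def ssh_string(b: bytes) -> bytes:
        return struct.pack(">I", len(b)) + b
    blob = ssh_string(b"ssh-ed25519") + ssh_string(bytes(range(32)))
    return "ssh-ed25519 " + base64.b64encode(blob).decode() + " www.example.com"


def key_blob(pubkey_line: str) -> bytes:
    """Decode the key blob from a 'type base64 [comment]' line."""
    fields = pubkey_line.split()
    if len(fields) < 2:
        raise ValueError("not a public key line")
    blob = base64.b64decode(fields[1], validate=True)
    # The blob begins with a length-prefixed copy of the key type.
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n] != fields[0].encode():
        raise ValueError("key type does not match key data")
    return blob


def fingerprint_sha256(pubkey_line: str) -> str:
    digest = hashlib.sha256(key_blob(pubkey_line)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def fingerprint_md5(pubkey_line: str) -> str:
    hexd = hashlib.md5(key_blob(pubkey_line)).hexdigest()
    return ":".join(hexd[i:i + 2] for i in range(0, 32, 2))


def prompt_matches(trusted_key_line: str, shown: str) -> bool:
    """True only if the fingerprint copied from the ssh prompt matches the trusted key."""
    shown = shown.strip()
    if shown.startswith("SHA256:"):
        expected = fingerprint_sha256(trusted_key_line)
    else:
        shown = (shown[4:] if shown.startswith("MD5:") else shown).lower()
        expected = fingerprint_md5(trusted_key_line)
    return hmac.compare_digest(expected.encode(), shown.encode())
```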

macubergeek 03-14-2003 11:59 AM

ps
 
almost forgot
you have to make sure sshd is running on your webserver.
If it's on a macosx machine go into System Preferences>Sharing and make sure the checkbox next to "Remote Login" is checked.

good luck!

Jadey 03-14-2003 07:35 PM

"Telnet is insecure" I hear it all the time, and yeah yeah I only use SSH, but I've never heard why is telnet so much less secure than say email or ftp? Both of those send clear text passwords. If you're using those to connect to a server all the time, wouldn't that be just as insecure as telnet? Educate me :)

macubergeek 03-14-2003 08:38 PM

because
 
with ftp and smtp you are accessing services which do not require an account on the box with shell. You can pull mail off a mail server and not have a shell on the mail server via Pop.
Smtp can send and receive mail without an account on the corresponding other SMTP server. Ftp does not require shell.

When you logon via telnet you are connecting to YOUR account on that box, with shell. If I intercept your username and password via telnet I can logon AS YOU, then elevate permissions to gain root on the box....ALL AS YOU.

With ssh, you gain two advantages. The entire session including logon name and password plus all the session data is encrypted. Hence if intercepted is unusable.

Plus with ssh you can use scp to securely transfer files to remote servers.

Plus telnet does little authentication other than username and password. Ssh also authenticates with keys and if you wish Certificates.

Plus ssh is no more difficult to use than telnet.
When more secure is as easy as insecure it makes sense to use more secure means.
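
Added example, not part of the post above: what "passed in the clear" means at the byte level, as a network monitor on the path would record it. The Python functions strip telnet's option negotiation (IAC sequences, RFC 854) from a client-to-server byte stream; what remains is exactly what was typed. The captured bytes, the password and the command are constructed for the example.

```python
IAC, SE, SB = 255, 240, 250
WILL, WONT, DO, DONT = 251, 252, 253, 254


def strip_telnet_negotiation(data: bytes) -> bytes:
    """Remove telnet commands, leaving only the user data bytes."""
    out = bytearray()
    i, n = 0, len(data)
    while i < n:
        if data[i] != IAC:
            out.append(data[i])
            i += 1
            continue
        if i + 1 >= n:                       # truncated command at end of capture
            break
        cmd = data[i + 1]
        if cmd == IAC:                       # IAC IAC is an escaped literal 0xFF
            out.append(IAC)
            i += 2
        elif cmd in (WILL, WONT, DO, DONT):  # three-byte option negotiation
            i += 3
        elif cmd == SB:                      # subnegotiation runs up to IAC SE
            j = i + 2
            while j + 1 < n and not (data[j] == IAC and data[j + 1] == SE):
                j += 2 if data[j] == IAC else 1
            if j + 1 >= n:                   # capture ends inside the subnegotiation
                break
            i = j + 2
        else:                                # other two-byte commands (NOP, GA, ...)
            i += 2
    return bytes(out)


def typed_lines(data: bytes) -> list:
    """Split the remaining bytes into the lines the user entered."""
    text = strip_telnet_negotiation(data)
    text = text.replace(b"\r\x00", b"\n").replace(b"\r\n", b"\n")
    return [line for line in text.decode("latin-1").split("\n") if line]


# Constructed client-to-server bytes of a telnet login (not a real capture).
CAPTURE = (
    bytes([IAC, WILL, 24, IAC, WILL, 31])
    + bytes([IAC, SB, 24, 0]) + b"xterm" + bytes([IAC, SE])
    + b"boingo\r\x00"
    + b"not-a-real-password\r\x00"
    + b"mkdir newclient\r\x00"
)
```

The same capture taken from an ssh session yields only the version banner and key exchange in readable form; everything after that, including the login, is ciphertext.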

Jadey 03-17-2003 01:45 PM

Re: because
 
Quote:

Originally posted by macubergeek
When you logon via telnet you are connecting to YOUR account on that box, with shell. If I intercept your username and password via telnet I can logon AS YOU, then elevate permissions to gain root on the box....ALL AS YOU.

Yeah, but if you intercept me checking my email or ftp'ing in, you could also then email as me or ftp as me.... Sure you can't execute applications on the server in email like you can with telnet, but you still wouldn't want someone using your email account. It's still sending clear-text passwords. I would think that's just as much of a security risk. :confused:

jerryg 03-17-2003 02:13 PM

Security
 
If someone gets your telnet password, they can bring ALL your client's sites down, delete your web server or run rogue scripts on it as you.

Your hosting provider should allow SSH and SSL connections. With these you could use SSH instead of telnet (my provider doesn't even allow telnet), SFTP (secure FTP) instead of FTP and I even check my email over a secure SSL connection.

mervTormel 03-17-2003 02:18 PM

Boy George would run rouge scripts

Shane MacGowan would run rogue scripts :D

vfrpilot 03-17-2003 02:30 PM

forget about me?
 
Hey guys, remember me? I started this post... if you scroll up - you'll see I still haven't been able to get in w/ Terminal...

Gimme a hand here - - -

Thanks

grrl_geek 03-17-2003 02:49 PM

Does one of these work?

Code:

ssh yourwebserverlogin@www.yourserver.com

In other words, if your username on the web server is "boingo", then you'd type "ssh boingo@www.yourserver.com"

You can also use the IP address if you don't have a domain name.

OR, if that didn't work:

Code:

telnet www.yourserver.com

It should ask you for your name/password.

There's a lot of information on ssh and telnet in the Unix help files. Open a Terminal window and type "man ssh" or "man telnet". Man is short for manual. It's a good place to start for reference.

Good luck! :)

Jadey 03-17-2003 08:58 PM

Re: Security
 
Quote:

Originally posted by jerryg
If someone gets your telnet password, they can bring ALL your client's sites down, delete your web server or run rogue scripts on it as you.

I don't think I'm getting my question across clearly. :) Yes I am quite familiar with remote use and administration, I know what you can do with telnet and what you can do with ftp. A person could delete my whole web site if they got my ftp password too. That's not what I'm asking about....

What I am asking about is since your username & password isn't sent by a secure protocol when you use email, ftp, isn't that just as insecure as sending your user & pass with telnet? Not for what you can do with it, but simply by the fact that a malicious user can snag it? It would seem to me that it is. Is this incorrect?

macubergeek 03-18-2003 04:25 AM

ok one more time
 
NO IT IS NOT
telnet and ssh are different from email and ftp.

Now let's go thru this one more time.
email and ftp don't require you to have shell on the server. Telnet does.

The risk here is that a blackhat can GAIN root control over your box, and use it to attack other boxes or rm the hard drive entirely.

This puts telnet and ssh into another whole class from email and ftp.

JayBee 03-18-2003 04:59 AM

Insecure email is like giving someone the keys to your letterbox. Woo, they can read your mail - possibly containing sensitive information that they can use to do further damage, but on its own not too dangerous.

Insecure ftp is like giving someone the keys to your garage.
Woo, they've got into your garage. They can mess it up a bit, trash your car, but at least your family should be fairly safe if you've got a good enough door between garage and house

Insecure shell is like giving someone the keys to your house, and from there it's also quite easy to make keys for all the OTHER houses on your street.
Aw crap.

In summary, they're _all_ pretty bad, but some of the risks are less acceptable than others.

<edit>
w00t! I'm a major leaguer!
</edit>

vfrpilot 03-18-2003 09:15 AM

grrl_geek - Thanks!

macubergeek 03-18-2003 12:51 PM

ssh comes with scp
 
no need to use ftp really
ssh comes with another program scp.

scp thefile username@hostip:/dir/to/where/you/want/thefiletogo/.

benefits
again username and password and ALL the traffic is encrypted.

Additionally you can put the file anywhere on the target host that username has write privs to.

mervTormel 03-18-2003 01:04 PM

scp also allows remote-to-remote copy...

hostx:~ % scp usera@hosta:/patha/filea userb@hostb:/pathb/fileb

-----

vfrpilot, your real problem is a trapped error in the local telnet exe (i think) loading some dynamic library

Quote:

Connected to (my server)
Escape character is '^]'.
dyld: telnet Undefined symbols:
telnet undefined reference to _tgetent expected to be defined in /usr/lib/libSystem.B.dylib
Trace/BPT trap

is the telnetd daemon running on the remote host?

can you:

% telnet smtp.yourisp.com 25

without error?

Jadey 03-18-2003 08:31 PM

Re: ok one more time
 
Quote:

Originally posted by macubergeek
NO IT IS NOT
telnet and ssh are different from email and ftp.

Yes I realize this. Once again :D this is NOT what I'm asking. Why are you so upset about this? Weird.

Quote:

Now let's go thru this one more time.

Okay, but with a little less patronizing would be better. I'm just trying to learn here.

Quote:

email and ftp don't require you to have shell on the server. Telnet does.

The risk here is that a blackhat can GAIN root control over your box, and use it to attack other boxes or rm the hard drive entirely.

This puts telnet and ssh into another whole class from email and ftp.

These points don't address my question at all. I already understand and realize all of this. I am just going to assume that I'm correct, sniffers could pick up an email password as easily as a telnet password.

...now to try and help vfrpilot with her/his question. First, these folks are right, you really should be using SSH. Here is how to use Telnet in the terminal for knowledge's sake though. Type:

telnet <hit enter>
open <hit enter>
type in ip address or domain to telnet to
You'll be prompted for your username & password.

I hope that helps!
Post back with questions. :)

vfrpilot 03-18-2003 11:20 PM

Thanks!

breen 03-18-2003 11:46 PM

Re: Re: ok one more time
 
Quote:

Originally posted by Jadey
I am just going to assume that I'm correct, sniffers could pick up an email password as easily as a telnet password.

Well, yes, of course. That's trivial.

But the question you originally asked was about the relative insecurity of cleartext logins using the three protocols.
Losing your login password is a much greater security loss than losing your email password or an ftp password. (Assuming your password policies are sane and you don't use the same password for all three. If you allow that you're exactly right, and compromising your email password is equivalent to losing your login password.)

Breen

macubergeek 03-19-2003 05:25 AM

don't mean
 
to be patronizing, I've just seen far too many folks using telnet and getting burned by it, I've just had to explain the security aspects of this way too many times ;-)


you can also do:

telnet <ip>

enter username and password

you can also do

ssh username@<ip>
enter username and password


telnet bad, ssh good


All times are GMT -5.