Terminal access to remote devices is an important part of network and security management. In this video, you’ll learn how to use Telnet and SSH to manage your network infrastructure.
<< Previous Video: ICMP and SNMPNext: Transferring Files >>
As a security administrator, you will very often be called on to configure the security devices that you may have located all over your network. These may be located in the same building that you reside in or they might be in a different country. So in those cases, you need to be able to sit at your desk and then remotely access those devices. Two of the very common ways to do this is through a Telnet console or an SSH console.
Telnet stands for Telecommunication Network. And it’s a very common way to be able to connect to a device remotely across the network. This gives you a console view, very much like the one that you see here. Very much text based, usually there is a command line involved. The important thing to remember with Telnet is that all of the communication between your workstation and that telnet service is going to be completely in the clear. None of this information is encrypted, including your username and your password that you use to log on to this device. That’s obviously an important security consideration. So if you are in a production network and there is a lot of security that you’re concerned about, Telnet may not be the best way to connect to these remote devices.
If you’re running on a Linux workstation or an OS 10 workstation, you may find that the Telnet client application that we’re about to use is installed by default. If you’re on Windows, the Telnet client is not installed by default in the Windows configuration. You’ll have to go back into the Windows setup area to add that particular component to the operating system. And that should give you a pretty good idea that using Telnet probably is not the first place you should go if it’s not included in the operating system by default.
In fact, if you’re running in any type of secure environment, in any size organization, you’re probably never going to use Telnet. But there are a number of Telnet servers out on the internet. Let’s try connecting to one. I’ll simply type Telnet. And one that I’d like to use is called rainmaker.weatherundergroundwunderground.com This is hosted by the Weather Underground service. It gives you information about weather forecasts. And you could see it even says, “Welcome to the Weather Underground Telnet service.” And it says the National Weather Service information. That’s what’s in here. Press “return” to continue. We will press “return” and it says, “enter a three digit city code.” I’ll put TLH for Tallahassee. And it gives me the information about Tallahassee: the temperature, the humidity, the winds. And I can use this Telnet front end to gather other pieces of information.
Telnet was a good choice here because it didn’t require any type of encryption. There is no username and no password and allows the Weather Underground service to provide this to many different resources. If this was a security device, however, and we were wanting to not only protect our login information, but protect the information that was being sent back to us, then we would probably want to use a protocol like SSH.
SSH stands for Secure Shell. And this gives us the same console front end, but all of the communication behind the scenes is encrypted. Means everything from your computer to the device you’re talking to on the other side is not something that someone could connect to, gather packets, and be able to piece together the information the way back and forth. Obviously, in most environments, this is exactly the type of console that you want to use because you could be assured the nobody’s going to pick out your username, password, or any of the communication between you and that other device.
If you’re running in Linux or you’re running in OS 10, SSH is a natural part of the operating system. It’s generally installed in most builds of those operating systems. If you’re using Windows, you may have to use a separate application, such as PuTTY, to be able to use an SSH console. We use the Telnet console earlier to connect in and look at weather.
Now let’s use SSH to do something that’s a little more fun. We’ll SSH to nethack@alt.org This is going to alt.org and it’s using NetHack as the name that it will use to connect to this device. In the case of this NetHack game, this initial connection doesn’t require any particular passwords. It simply presents me with the screen for NetHack And you can log in, register as a new user, watch games in progress. We’ll hit W. Here’s a list of the games in progress. Now, notice that the console looks remarkably similar to using a Telnet console, and it should. Both of them look exactly the same. But now all of this communication behind the scenes is completely encrypted.
Usually we’d be using SSH to connect to a firewall, or a router, or a switch, and we’d be making some configuration changes. This information, obviously, is relatively sensitive. So using the SSH protocol insures that all of that communication will remain secure.