What is Telnet?
Learn what Telnet is, how it works over TCP port 23, why it is insecure, and why SSH replaced it — with interview Q&A.
Expected Interview Answer
Telnet is an application-layer protocol that provides a text-based, interactive terminal session to a remote host over TCP port 23, sending everything — including usernames and passwords — as unencrypted plaintext.
A Telnet client opens a TCP connection to a server, and once negotiated, keystrokes typed on the client are sent to the remote host and the resulting output is streamed back, giving the illusion of a local terminal on a remote machine. It was the dominant way to administer routers, switches, and Unix servers before encryption became standard practice. Because Telnet transmits every byte in cleartext, anyone able to observe the network path — a shared hub, a compromised switch, or a rogue Wi-Fi access point — can capture login credentials and full session contents trivially. For this reason, Telnet has been almost entirely replaced by SSH in production environments, though it still shows up in interviews as a baseline for explaining why encrypted remote access matters, and occasionally survives for talking to legacy serial-console servers or embedded devices on isolated management networks.
- Simple, low-overhead remote terminal protocol
- Useful for quick plaintext port/service testing
- Historically the standard way to manage network devices
- Illustrates why encrypted alternatives like SSH became mandatory
AI Mentor Explanation
Telnet is like a team’s tactical instructions being shouted across an open field in plain language during a match — anyone standing near the boundary rope, including the opposition, can hear the exact plan being called out. It works fine for a friendly practice net where nobody is trying to eavesdrop, but in a real match it would leak strategy to the other side instantly. This is exactly why Telnet’s cleartext commands are considered unsafe on any network you do not fully control.
Step-by-Step Explanation
Step 1
Connect
The Telnet client opens a TCP connection to the server, typically on port 23.
Step 2
Negotiate
Client and server negotiate terminal options such as echo mode and terminal type.
Step 3
Authenticate in cleartext
The username and password are typed and sent across the network as plain, unencrypted text.
Step 4
Interactive session
Keystrokes and command output stream back and forth for the rest of the session, still unencrypted.
What Interviewer Expects
- Correctly identifies Telnet as unencrypted remote terminal access
- Names TCP port 23 and the application layer
- Explains the cleartext credential risk clearly
- Knows SSH is the modern, encrypted replacement
Common Mistakes
- Thinking Telnet is still an acceptable choice for production administration
- Confusing Telnet with SSH functionality or security guarantees
- Not knowing Telnet traffic is fully readable to a network sniffer
- Forgetting Telnet still appears for testing raw TCP ports and legacy consoles
Best Answer (HR Friendly)
“Telnet is an old way to remotely control another computer’s command line, but the catch is that everything you type, including your password, gets sent across the network in plain readable text. That is why almost nobody uses it for real administration anymore — it was replaced by SSH, which encrypts the whole session so nobody snooping on the network can read it.”
Code Example
# Connect to a remote host on the default Telnet port
telnet 192.168.1.10 23
# Quick test of whether a TCP port is open (common non-login use)
telnet smtp.example.com 25
# Capture a Telnet session to see cleartext credentials (for demonstration on a lab network)
sudo tcpdump -A -i any port 23Follow-up Questions
- Why was Telnet replaced by SSH for remote administration?
- What TCP port does Telnet use by default?
- Can Telnet still be useful for anything today?
- How would you detect Telnet traffic on a network you are auditing?
MCQ Practice
1. What is the primary security weakness of Telnet?
Telnet sends all session data, including login credentials, as unencrypted plaintext.
2. What is the default TCP port for Telnet?
Telnet listens on TCP port 23 by default.
3. Which protocol is the modern, encrypted replacement for Telnet?
SSH provides the same interactive remote terminal capability but with full encryption.
Flash Cards
What is Telnet? — An application-layer protocol for interactive remote terminal access over TCP, typically port 23.
Telnet security weakness? — All data, including passwords, is sent as unencrypted plaintext.
What replaced Telnet? — SSH, which encrypts the entire session.
Is Telnet still used today? — Rarely for administration; sometimes for raw port testing or isolated legacy devices.