TELNET(1) User Commands TELNET(1)
NAME
telnet - user interface to a remote system using the TELNET protocol
SYNOPSIS
telnet [
-8EFKLacdfrx] [
-X atype] [
-e escape_char]
[
-k realm] [
-l user] [
-n file]
[ [ [!] @hop1 [@hop2...] @]
host [
port]]
DESCRIPTION
The
telnet utility communicates with another host using the
TELNET protocol. If
telnet is invoked without arguments, it enters command mode,
indicated by its prompt,
telnet>. In this mode, it accepts and executes
its associated commands. See
USAGE. If it is invoked with arguments, it
performs an
open command with those arguments.
If, for example, a
host is specified as
@hop1@hop2@host, the connection
goes through hosts
hop1 and
hop2, using loose source routing to end at
host. If a leading
! is used, the connection follows strict source
routing. Notice that when
telnet uses IPv6, it can only use loose source
routing, and the connection ignores the
!.
Once a connection has been opened,
telnet enters input mode. In this
mode, text typed is sent to the remote host. The input mode entered will
be either "line mode", "character at a time", or "old line by line",
depending upon what the remote system supports.
In "line mode", character processing is done on the local system, under
the control of the remote system. When input editing or character echoing
is to be disabled, the remote system will relay that information. The
remote system will also relay changes to any special characters that
happen on the remote system, so that they can take effect on the local
system.
In "character at a time" mode, most text typed is immediately sent to the
remote host for processing.
In "old line by line" mode, all text is echoed locally, and (normally)
only completed lines are sent to the remote host. The "local echo
character" (initially
^E) may be used to turn off and on the local echo.
(Use this mostly to enter passwords without the password being echoed.).
If the "line mode" option is enabled, or if the
localchars toggle is
TRUE (the default in "old line by line" mode), the user's
quit,
intr, and
flush characters are trapped locally, and sent as
TELNET protocol
sequences to the remote side. If "line mode" has ever been enabled, then
the user's
susp and
eof are also sent as
TELNET protocol sequences.
quit is then sent as a
TELNET ABORT instead of
BREAK. The options
toggle autoflush and
toggle autosynch cause this action to flush subsequent
output to the terminal (until the remote host acknowledges the
TELNET sequence); and to flush previous terminal input, in the case of
quit and
intr.
While connected to a remote host, the user can enter
telnet command mode
by typing the
telnet escape character (initially
^]). When in command
mode, the normal terminal editing conventions are available. Pressing
RETURN at the
telnet command prompt causes
telnet to exit command mode.
OPTIONS
The following options are supported:
-8 Specifies an 8-bit data path. Negotiating the
TELNET BINARY option is
attempted for both input and output.
-a Attempts automatic login. This sends the user name by means of the
USER variable of the
ENVIRON option, if supported by the remote
system. The name used is that of the current user as returned by
getlogin(3C) if it agrees with the current user
ID. Otherwise, it is
the name associated with the user
ID.
-c Disables the reading of the user's
telnetrc file. (See the
toggle skiprc command on this reference page.)
-d Sets the initial value of the
debug toggle to
TRUE.
-e escape_char Sets the initial escape character to
escape_char.
escape_char may
also be a two character sequence consisting of
^ (Control key)
followed by one character. If the second character is
?, the
DEL character is selected. Otherwise, the second character is converted
to a control character and used as the escape character. If
escape_char is defined as the null string (that is,
-e ''), this is
equivalent to
-e '
^@' (Control-@). To specify that no character can
be the escape character, use the
-E option.
-E Stops any character from being recognized as an escape character.
-f Forwards a copy of the local credentials to the remote system.
-F Forwards a forwardable copy of the local credentials to the remote
system.
-k realm If Kerberos authentication is being used, requests that
telnet obtain
tickets for the remote host in
realm instead of the remote host's
default realm as determined in
krb5.conf(5).
-K Specifies no automatic login to the remote system.
-l user When connecting to a remote system that understands the
ENVIRON option, then
user will be sent to the remote system as the value for
the
ENVIRON variable
USER.
-L Specifies an 8-bit data path on output. This causes the
BINARY option
to be negotiated on output.
-n tracefile Opens
tracefile for recording trace information. See the
set tracefile command below.
-r Specifies a user interface similar to
rlogin. In this mode, the
escape character is set to the tilde (
~) character, unless modified
by the
-e option. The
rlogin escape character is only recognized when
it is preceded by a carriage return. In this mode, the
telnet escape
character, normally '
^]', must still precede a
telnet command. The
rlogin escape character can also be followed by '
.\r' or '
^Z', and,
like
rlogin(1), closes or suspends the connection, respectively. This
option is an uncommitted interface and may change in the future.
-x Turns on encryption of the data stream. When this option is turned
on,
telnet will exit with an error if authentication cannot be
negotiated or if encryption cannot be turned on.
-X atype Disables the
atype type of authentication.
USAGE
telnet Commands The commands described in this section are available with
telnet. It is
necessary to type only enough of each command to uniquely identify it.
(This is also true for arguments to the
mode,
set,
toggle,
unset,
environ, and
display commands.)
auth argument ...
The
auth command manipulates the information sent through the
TELNET AUTHENTICATE option. Valid arguments for the
auth command are as
follows:
disable type Disables the specified type of authentication. To obtain a list
of available types, use the
auth disable ? command.
enable type Enables the specified type of authentication. To obtain a list of
available types, use the
auth enable ? command.
status Lists the current status of the various types of authentication.
open [
-l user ] [ [!] @
hop1 [@
hop2 ...]@
host [
port ]
Open a connection to the named host. If no port number is specified,
telnet will attempt to contact a
TELNET server at the default port.
The host specification may be either a host name (see
hosts(5)) or an
Internet address specified in the "dot notation" (see
inet(4P) or
inet6(4P)). If the
host is specified as
@hop1@hop2@host, the
connection goes through hosts
hop1 and
hop2, using loose source
routing to end at
host. The
@ symbol is required as a separator
between the hosts specified. If a leading
! is used with IPv4, the
connection follows strict source routing.
The
-l option passes the
user as the value of the
ENVIRON variable
USER to the remote system.
close Close any open
TELNET session and exit
telnet. An
EOF (in command
mode) will also close a session and exit.
encrypt The encrypt command manipulates the information sent through the
TELNET ENCRYPT option.
Valid arguments for the encrypt command are as follows:
disable type [
input|
output]
Disables the specified type of encryption. If you omit the input
and output, both input and output are disabled. To obtain a list
of available types, use the
encrypt disable ? command.
enable type [
input|
output]
Enables the specified type of encryption. If you omit input and
output, both input and output are enabled. To obtain a list of
available types, use the
encrypt enable ? command.
input This is the same as the
encrypt start input command.
-input This is the same as the
encrypt stop input command.
output This is the same as the
encrypt start output command.
-output This is the same as the
encrypt stop output command.
start [
input|
output]
Attempts to start encryption. If you omit input and output, both
input and output are enabled. To obtain a list of available
types, use the
encrypt enable ? command.
status Lists the current status of encryption.
stop [
input|
output]
Stops encryption. If you omit input and output, encryption is on
both input and output.
type type Sets the default type of encryption to be used with later
encrypt start or
encrypt stop commands.
quit Same as
close.
z Suspend
telnet. This command only works when the user is using a
shell that supports job control, such as
sh(1).
mode type The remote host is asked for permission to go into the requested
mode. If the remote host is capable of entering that mode, the
requested mode will be entered. The argument
type is one of the
following:
character Disable the
TELNET LINEMODE option, or, if the remote side does
not understand the
LINEMODE option, then enter "character at a
time" mode.
line Enable the
TELNET LINEMODE option, or, if the remote side does
not understand the
LINEMODE option, then attempt to enter "old-
line-by-line" mode.
isig (
-isig)
Attempt to enable (disable) the
TRAPSIG mode of the
LINEMODE option. This requires that the
LINEMODE option be enabled.
edit (
-edit)
Attempt to enable (disable) the
EDIT mode of the
LINEMODE option.
This requires that the
LINEMODE option be enabled.
softtabs (
-softtabs)
Attempt to enable (disable) the
SOFT_TAB mode of the
LINEMODE option. This requires that the
LINEMODE option be enabled.
litecho (
-litecho)
Attempt to enable (disable) the
LIT_ECHO mode of the
LINEMODE option. This requires that the
LINEMODE option be enabled.
? Prints out help information for the
mode command.
status Show the current status of
telnet. This includes the peer one is
connected to, as well as the current mode.
display [
argument...] Display all, or some, of the
set and
toggle values (see
toggle argument...).
? [
command] Get help. With no arguments,
telnet prints a help summary.
If a command is specified,
telnet will print the help information for
just that command.
send argument... Send one or more special character sequences to the remote host. The
following are the arguments that can be specified (more than one
argument may be specified at a time):
escape Send the current
telnet escape character (initially
^]).
synch Send the
TELNET SYNCH sequence. This sequence discards all
previously typed, but not yet read, input on the remote system.
This sequence is sent as
TCP urgent data and may not work if the
remote system is a 4.2
BSD system. If it does not work, a
lowercase "r" may be echoed on the terminal.
brk or
break Send the
TELNET BRK (Break) sequence, which may have significance
to the remote system.
ip Send the
TELNET IP (Interrupt Process) sequence, which aborts the
currently running process on the remote system.
abort Send the
TELNET ABORT (Abort Process) sequence.
ao Send the
TELNET AO (Abort Output) sequence, which flushes all
output from the remote system to the user's terminal.
ayt Send the
TELNET AYT (Are You There) sequence, to which the remote
system may or may not respond.
ec Send the
TELNET EC (Erase Character) sequence, which erases the
last character entered.
el Send the
TELNET EL (Erase Line) sequence, which should cause the
remote system to erase the line currently being entered.
eof Send the
TELNET EOF (End Of File) sequence.
eor Send the
TELNET EOR (End Of Record) sequence.
ga Send the
TELNET GA (Go Ahead) sequence, which probably has no
significance for the remote system.
getstatus If the remote side supports the
TELNET STATUS command,
getstatus will send the subnegotiation to request that the server send its
current option status.
nop Send the
TELNET NOP (No Operation) sequence.
susp Send the
TELNET SUSP (Suspend Process) sequence.
do option dont option will option wont option Send the
TELNET protocol option negotiation indicated. Option may
be the text name of the protocol option, or the number
corresponding to the option. The command will be silently
ignored if the option negotiation indicated is not valid in the
current state. If the
option is given as
help or
?, the list of
option names known is listed. This command is mostly useful for
unusual debugging situations.
? Print out help information for the
send command.
set argument [
value]
unset argument Set any one of a number of
telnet variables to a specific value. The
special value
off turns off the function associated with the
variable. The values of variables may be interrogated with the
display command. If
value is omitted, the value is taken to be true,
or "on". If the
unset form is used, the value is taken to be false,
or
off. The variables that may be specified are:
echo This is the value (initially
^E) that, when in "line by line"
mode, toggles between local echoing of entered characters for
normal processing, and suppressing echoing of entered characters,
for example, entering a password.
escape This is the
telnet escape character (initially
^]) that enters
telnet command mode when connected to a remote system.
interrupt If
telnet is in
localchars mode (see
toggle,
localchars) and the
interrupt character is typed, a
TELNET IP sequence (see
send and
ip) is sent to the remote host. The initial value for the
interrupt character is taken to be the terminal's
intr character.
quit If
telnet is in
localchars mode and the
quit character is typed,
a
TELNET BRK sequence (see
send,
brk) is sent to the remote host.
The initial value for the quit character is taken to be the
terminal's
quit character.
flushoutput If
telnet is in
localchars mode and the
flushoutput character is
typed, a
TELNET AO sequence (see
send,
ao) is sent to the remote
host. The initial value for the flush character is taken to be
the terminal's
flush character.
erase If
telnet is in
localchars mode
and operating in "character at a
time" mode, then when the
erase character is typed, a
TELNET EC sequence (see
send,
ec) is sent to the remote system. The initial
value for the
erase character is taken to be the terminal's
erase character.
kill If
telnet is in
localchars mode
and operating in "character at a
time" mode, then when the
kill character is typed, a
TELNET EL sequence (see
send,
el) is sent to the remote system. The initial
value for the
kill character is taken to be the terminal's
kill character.
eof If
telnet is operating in "line by line"/ mode, entering the
eof character as the first character on a line sends this character
to the remote system. The initial value of
eof is taken to be the
terminal's
eof character.
ayt If
telnet is in
localchars mode, or
LINEMODE is enabled, and the
status character is typed, a
TELNET AYT ("Are You There")
sequence is sent to the remote host. (See
send,
ayt above.) The
initial value for
ayt is the terminal's status character.
forw1 forw2 If
telnet is operating in
LINEMODE, and the
forw1 or
forw2 characters are typed, this causes the forwarding of partial lines
to the remote system. The initial values for the forwarding
characters come from the terminal's
eol and
eol2 characters.
lnext If
telnet is operating in
LINEMODE or "old line by line" mode,
then the
lnext character is assumed to be the terminal's
lnext character. The initial value for the
lnext character is taken to
be the terminal's
lnext character.
reprint If
telnet is operating in
LINEMODE or "old line by line" mode,
then the
reprint character is assumed to be the terminal's
reprint character. The initial value for
reprint is taken to be
the terminal's
reprint character.
rlogin This is the
rlogin escape character. If set, the normal
telnet escape character is ignored, unless it is preceded by this
character at the beginning of a line. The
rlogin character, at
the beginning of a line followed by a "
." closes the connection.
When followed by a
^Z, the
rlogin command suspends the
telnet command. The initial state is to disable the
rlogin escape
character.
start If the
TELNET TOGGLE-FLOW-CONTROL option has been enabled, then
the
start character is taken to be the terminal's
start character. The initial value for the
kill character is taken to
be the terminal's
start character.
stop If the
TELNET TOGGLE-FLOW-CONTROL option has been enabled, then
the
stop character is taken to be the terminal's
stop character.
The initial value for the
kill character is taken to be the
terminal's
stop character.
susp If
telnet is in
localchars mode, or
LINEMODE is enabled, and the
suspend character is typed, a
TELNET SUSP sequence (see
send,
susp above) is sent to the remote host. The initial value for the
suspend character is taken to be the terminal's
suspend character.
tracefile This is the file to which the output, generated when the
netdata or the
debug option is
TRUE, will be written. If
tracefile is set
to "
-", then tracing information will be written to standard
output (the default).
worderase If
telnet is operating in
LINEMODE or "old line by line" mode,
then this character is taken to be the terminal's
worderase character. The initial value for the
worderase character is taken
to be the terminal's
worderase character.
? Displays the legal
set and
unset commands.
slc state The
slc (Set Local Characters) command is used to set or change the
state of special characters when the
TELNET LINEMODE option has been
enabled. Special characters are characters that get mapped to
TELNET commands sequences (like
ip or
quit) or line editing characters (like
erase and
kill). By default, the local special characters are
exported. The following values for
state are valid:
check Verifies the settings for the current special characters. The
remote side is requested to send all the current special
character settings. If there are any discrepancies with the local
side, the local settings will switch to the remote values.
export Switches to the local defaults for the special characters. The
local default characters are those of the local terminal at the
time when
telnet was started.
import Switches to the remote defaults for the special characters. The
remote default characters are those of the remote system at the
time when the
TELNET connection was established.
? Prints out help information for the
slc command.
toggle argument...
Toggle between
TRUE and
FALSE the various flags that control how
telnet responds to events. More than one argument may be specified.
The state of these flags may be interrogated with the
display command. Valid arguments are:
authdebug Turns on debugging information for the
authentication code.
autodecrypt When the
TELNET ENCRYPT option is negotiated, by
default the actual encryption (decryption) of the
data stream does not start automatically. The
autoencrypt (autodecrypt) command states that
encryption of the output (input) stream should be
enabled as soon as possible.
autologin If the remote side supports the
TELNET AUTHENTICATION option,
telnet attempts to use it
to perform automatic authentication. If the
AUTHENTICATION option is not supported, the
user's login name is propagated through the
TELNET ENVIRON option. This command is the same
as specifying the
-a option on the
open command.
autoflush If
autoflush and
localchars are both
TRUE, then
when the
ao,
intr, or
quit characters are
recognized (and transformed into
TELNET sequences; see
set for details),
telnet refuses
to display any data on the user's terminal until
the remote system acknowledges (using a
TELNET Timing Mark option) that it has processed those
TELNET sequences. The initial value for this
toggle is
TRUE if the terminal user has not done
an "stty noflsh". Otherwise, the value is
FALSE (see
stty(1)).
autosynch If
autosynch and
localchars are both
TRUE, then
when either the
interrupt or
quit characters are
typed (see
set for descriptions of
interrupt and
quit), the resulting
TELNET sequence sent is
followed by the
TELNET SYNCH sequence. This
procedure
should cause the remote system to begin
throwing away all previously typed input until
both of the
TELNET sequences have been read and
acted upon. The initial value of this toggle is
FALSE.
binary Enable or disable the
TELNET BINARY option on
both input and output.
inbinary Enable or disable the
TELNET BINARY option on
input.
outbinary Enable or disable the
TELNET BINARY option on
output.
crlf Determines how carriage returns are sent. If the
value is
TRUE, then carriage returns will be sent
as
<CR><LF>. If the value is
FALSE, then carriage
returns will be send as
<CR><NUL>. The initial
value for this toggle is
FALSE.
crmod Toggle RETURN mode. When this mode is enabled,
most RETURN characters received from the remote
host will be mapped into a RETURN followed by a
line feed. This mode does not affect those
characters typed by the user, only those received
from the remote host. This mode is useful only
for remote hosts that send RETURN but never send
LINEFEED. The initial value for this toggle is
FALSE.
debug Toggle socket level debugging (only available to
the super-user). The initial value for this
toggle is
FALSE.
encdebug Turns on debugging information for the encryption
code.
localchars If this toggle is
TRUE, then the
flush,
interrupt,
quit,
erase, and
kill characters (see
set) are recognized locally, and transformed into
appropriate
TELNET control sequences,
respectively
ao,
ip,
brk,
ec, and
el (see
send).
The initial value for this toggle is
TRUE in
"line by line" mode, and
FALSE in "character at a
time" mode. When the
LINEMODE option is enabled,
the value of
localchars is ignored, and assumed
always to be
TRUE. If
LINEMODE has ever been
enabled, then
quit is sent as
abort, and
eof and
suspend are sent as
eof and
susp (see
send above).
netdata Toggle the display of all network data (in
hexadecimal format). The initial value for this
toggle is
FALSE.
options Toggle the display of some internal
TELNET protocol processing (having to do with
telnet options). The initial value for this toggle is
FALSE.
prettydump When the
netdata toggle is enabled, if
prettydump is enabled, the output from the
netdata command
will be formatted in a more user readable format.
Spaces are put between each character in the
output. The beginning of any
TELNET escape
sequence is preceded by an asterisk (
*) to aid in
locating them.
skiprc When the
skiprc toggle is
TRUE,
TELNET skips the
reading of the
.telnetrc file in the user's home
directory when connections are opened. The
initial value for this toggle is
FALSE.
termdata Toggles the display of all terminal data (in
hexadecimal format). The initial value for this
toggle is
FALSE.
verbose_encrypt When the
verbose_encrypt flag is
TRUE,
TELNET prints out a message each time encryption is
enabled or disabled. The initial value for this
toggle is
FALSE.
? Display the legal
toggle commands.
environ argument... The
environ command is used to manipulate variables that may be sent
through the
TELNET ENVIRON option. The initial set of variables is
taken from the users environment. Only the
DISPLAY and
PRINTER variables are exported by default. Valid arguments for the
environ command are:
define variable value Define
variable to have a value of
value. Any variables defined
by this command are automatically exported. The
value may be
enclosed in single or double quotes, so that tabs and spaces may
be included.
undefine variable Remove
variable from the list of environment variables.
export variable Mark the
variable to be exported to the remote side.
unexport variable Mark the
variable to not be exported unless explicitly requested
by the remote side.
list List the current set of environment variables. Those marked with
an asterisk (
*) will be sent automatically. Other variables will
be sent only if explicitly requested.
? Prints out help information for the
environ command.
logout Sends the
telnet logout option to the remote side. This command is
similar to a
close command. However, if the remote side does not
support the
logout option, nothing happens. If, however, the remote
side does support the
logout option, this command should cause the
remote side to close the
TELNET connection. If the remote side also
supports the concept of suspending a user's session for later
reattachment, the
logout argument indicates that the remote side
should terminate the session immediately.
FILES
$HOME/.telnetrc file that contains commands to be executed before
initiating a
telnet session
SEE ALSO
rlogin(1),
sh(1),
stty(1),
getlogin(3C),
inet(4P),
inet6(4P),
hosts(5),
krb5.conf(5),
nologin(5),
telnetrc(5),
attributes(7)DIAGNOSTICS
NO LOGINS: System going down in N minutes The machine is in the process of being shut down and logins have been
disabled.
NOTES
On some remote systems, echo has to be turned off manually when in "line
by line" mode.
In "old line by line" mode, or
LINEMODE, the terminal's
EOF character is
only recognized (and sent to the remote system) when it is the first
character on a line.
The
telnet protocol only uses single DES for session protection--clients
request service tickets with single DES session keys. The KDC must know
that host service principals that offer the
telnet service support single
DES, which, in practice, means that such principals must have single DES
keys in the KDC database.
August 17, 2006
TELNET(1)