Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Computer Networks

Remote Login: TELNET and SSH

advertisement 
Chapter 20
Remote Login:
TELNET
and
SSH
TCP/IP Protocol Suite
Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
1
OBJECTIVES:
 To introduce the TELNET protocol and show how it implements
local and remote login.
 To discuss options and sub-options used in TELNET and how
they are negotiated.
 To define out-of-band signaling in TELNET.
 To define different modes of operations in TELNET.
 To introduce SSH as an alternative to TELNET.
 To show how different components of SSH are combined to
provide a secure connection over an insecure TCP connection.
 To discuss port-forwarding in SSH and how it can be used to
provide security for other applications.
TCP/IP Protocol Suite
2
Chapter
Outline
TCP/IP Protocol Suite
20.1
TELNET
20.2
Secure Shell (SSH)
3
20-1 TELNET
TELNET is an abbreviation for TErminaL NETwork.
It is the standard TCP/IP protocol for virtual terminal
service as proposed by ISO. TELNET enables the
establishment of a connection to a remote system in
such a way that the local terminal appears to be a
terminal at the remote system.
TCP/IP Protocol Suite
4
Topics Discussed in the Section
 Concepts
 Time-Sharing Environment
 Network Virtual Terminal (NVT)
 Embedding
 Options and Suboption Negotiation
 Controlling the Server
 Out-of-Band Signaling
 Escape Character
 Modes of Operation
 User Interface
 Security Issue
TCP/IP Protocol Suite
5
Note
TELNET is a general-purpose
client-server application program.
TCP/IP Protocol Suite
6
Figure 20.1
TCP/IP Protocol Suite
Local login
7
Figure 20.2
TCP/IP Protocol Suite
Remote login
8
Figure 20.3
TCP/IP Protocol Suite
Concept of NVT
9
Figure 20.4
TCP/IP Protocol Suite
Format of data and control characters
10
TCP/IP Protocol Suite
11
Figure 20.5
c
TCP/IP Protocol Suite
a
An example of embedding
t
f
i
l
e
a IAC EC
1
12
TCP/IP Protocol Suite
13
TCP/IP Protocol Suite
14
Figure 20.6
Offer to enable an option
WILL
Will I enable the option?
DO or DONT
Do (or don’t) enable the option
TCP/IP Protocol Suite
15
Figure 20.7
Request to enable an option
DO
Do enable the option
WILL or WONT
I will (won’t) enable the option
TCP/IP Protocol Suite
16
Figure 20.8
Offer to disable an option
WONT
I won’t use the option any more
DONT
Don’t use it
TCP/IP Protocol Suite
17
Figure 20.9
Request to disable an option
DONT
Don’t use the option any more
WONT
I won’t
TCP/IP Protocol Suite
18
Example 20.1
Figure 20.10 shows an example of option negotiation. In this
example, the client wants the serverto echo each character sent
to the server. In other words, when a character is typed at the
user keyboard terminal, it goes to the server and is sent back to
the screen of the user before being processed. The echo option
is enabled by the server because it is the server that sends the
characters back to the user terminal. Therefore, the client
should request from the server the enabling of the option using
DO. The request consists of three characters: IAC, DO, and
ECHO. The server accepts the request and enables the option.
It informs the client by sending the three-character approval:
IAC, WILL, and ECHO.
TCP/IP Protocol Suite
19
Figure 20.10
Example 20.1: Echo option
Do enable the echo option
1
ECHO
DO
IAC
WILL
IAC
ECHO
I will enable the echo option
TCP/IP Protocol Suite
2
20
TCP/IP Protocol Suite
21
Figure 20.11 Example of sub-option negotiation
I will enable the terminal option
1
Terminal type
WILL
IAC
Do enable terminal option
IAC
DO
2
Terminal type
Set the terminal type to “VT”
3
SE
TCP/IP Protocol Suite
IAC
‘T’
‘V’
Terminal type
SB
IAC
22
TCP/IP Protocol Suite
23
Figure 20.12
TCP/IP Protocol Suite
Example of interrupting an application program
24
Figure 20.13
Out-of-band signaling
Data
Kept
DM
IP
IAC
Data
Discarded
Urgent pointer
TCP/IP Protocol Suite
25
Figure 20.14
TCP/IP Protocol Suite
Two different interruptions
26
Example 20.2
In this example, we use the default mode to show the concept
and its deficiencies even though it is almost obsolete today. The
client and the server negotiate the terminal type and terminal
speed and then the server checks the login and password of the
user (see Figure 20.15).
TCP/IP Protocol Suite
27
Figure 20.15
Example 20.2
GO AHEAD
2
5
9
12
WILL TERMINAL TYPE
DO TERMINAL TYPE
3
GO AHEAD
4
WILL TERMINAL SPEED
DONT TERMINAL SPEED
6
Login:
7
GO AHEAD
8
forouzan
Password:
10
GO AHEAD
11
XXXXX
GO AHEAD
14
TCP/IP Protocol Suite
1
13
cp file1 file2
28
Example 20.3
In this example, we show how the client switches to the
character mode. This requires that the client request the server
to enable the SUPPRESS GO AHEAD and ECHO options (see
Figure 20.16).
TCP/IP Protocol Suite
29
Figure 20.16
Example 20.3
GO AHEAD
2
DO SUPPRESS GO AHEAD
WILL SUPPRESS GO AHEAD
4
7
WILL ECHO
5
Login:
6
f
8
o
o
TCP/IP Protocol Suite
3
DO ECHO
f
9
1
10
30
TCP/IP Protocol Suite
31
20-2 SECURE SHELL (SSH)
Another popular remote login application program is
Secure Shell (SSH). SSH, like TELNET, uses TCP
as the underlying transport protocol, but SSH is
more secure and provides more services than
TELNET.
TCP/IP Protocol Suite
32
Topics Discussed in the Section
 Versions
 Components
 Port Forwarding
 Format of the SSH Packet
TCP/IP Protocol Suite
33
Figure 20.17
TCP/IP Protocol Suite
Components of SSH
34
Figure 20.18
TCP/IP Protocol Suite
Port forwarding
35
Figure 20.19
TCP/IP Protocol Suite
SSH packet format
36
Related documents
Chap-26 VPN
Chap-26 VPN
上課要求(Network Requirement)
上課要求(Network Requirement)
TCP/IP introduction
TCP/IP introduction
OSI Model Pyramid - Redbird Internet Services
OSI Model Pyramid - Redbird Internet Services
Mobile IP
Mobile IP
How to Send e-mail
How to Send e-mail
Chap 2
Chap 2
ICMPv6
ICMPv6
Download
advertisement