Telnet protocol

Introduction to the Telnet protocol

The Telnet protocol is a standard internet protocol enabling terminals and applications to interface over the Internet. This protocol provides the basic rules making it possible to link a client (system composed of a display and keyboard) to a command interpreter (server side).

The Telnet protocol is applied on a TCP connection to send data in ASCII format coded over 8 bits between which the Telnet check sequences come. It therefore provides a communication orientated bi-directional system (half-duplex), coded over 8 bits and easy to implement.

The Telnet protocol relies on three basic concepts:

  • The Network Virtual Terminal (NVT) paradigm;
  • The negotiated options principle;
  • The rules of negotiation.

This is a base protocol, to which certain other protocols from the TCP/IP suite (FTP, SMTP, POP3, ...) are applied. Telnet specifications do not mention authentication because Telnet is totally separated from applications which use it (FTP protocol defines an authentication sequence above Telnet). Additionally, the Telnet protocol is a non secure data transfer protocol, that is the data which it conveys circulates on the network in plain text (in an unencrypted way). When the Telnet protocol is used to connect a remote host to the machine upon which it is implemented as server, this protocol is assigned to port 23.

Except for the associated options and negotiation rules, the Telnet protocol specifications are basic. Data transmission through Telnet consists only of transmitting bytes in the TCP flow (the Telnet protocol specifies that data must by default, i.e. if no option specifies to the contrary, be grouped in a buffer before being sent. More precisely this means that by default the data is sent line by line). When byte 255 is transmitted, the following byte must be interpreted as a command. Byte 255 is therefore called IAC (Interpret As Command). The commands are described further on in the document.

The basic specifications of the Telnet protocol are available in RFC 854, while the many options are described in RFCs 855 to 861.

RFCs relating to Telnet
RFC 854Telnet Protocol Specifications
RFC 855Telnet Option Specifications
RFC 856Telnet binary transmission
RFC 857Telnet Echo Option
RFC 858Telnet Suppress Go ahead Option
RFC 859Telnet Status Option
RFC 860Telnet Timing Mark Option
RFC 861Telnet Extended options-list Option

The notion of the virtual terminal

When the Internet began, the network (ARPANET) was made up of machines where configurations were slightly different (keyboards, character sets, resolutions, length of lines displayed). Moreover, the terminal sessions also had their own way of controlling the incoming/outgoing data flow.

So, instead of creating adaptors for each terminal type so that there could be interoperability between these systems, it was decided to develop a standard interface, called NVT (Network Virtual Terminal), providing a standard communication base, comprised of:

  • 7 bit ASCII characters to which the extended ASCII code is added
  • Three control characters
  • Five optional control characters
  • A set of basic control signals

The Telnet protocol therefore consists of creating an abstraction of the terminal enabling whichever host (client or server) to communicate with another host without knowing its characteristics.

The negotiated options principle

The Telnet protocol specifications make it possible to take into account the fact that certain terminals can offer additional services, not defined in the basic specifications (but in accordance with the specifications), so as to be able to use advanced functions. This functionality is reflected in terms of options. The Telnet protocol therefore offers a system of option negotiations enabling the use of advanced functions in the form of options on either side by initiating requests for its authorization from the remote system.

The Telnet options separately affect each direction of the data channel. So, each end is able to negotiate the options, i.e. to define the options that it:

  • wants to use (DO)
  • refuses to use (DON'T)
  • wants the other end to use (WILL)
  • refuses that the other end use (WON'T)

In this way, each party can issue a request for an option to be used. The other party must then respond as to whether or not it accepts the use of the option. Where the request relates to the deactivation of an option, the recipient of the request must not refuse so as to be completely compatible with the NVT model.

Telnet negotiated options
DOWILLThe originator begins by using the option
WON'TThe originator must not use the option
WILLDOThe originator begins by using the option, after having sent a DO
DON'TThe originator must not use the option
DON'TWON'TThe originator indicates that it has deactivated the option
WON'TDON'TThe originator indicates that the originator must deactivate the option

There are 255 option codes. All the same, the Telnet protocol provides an address space allowing new options to be described.
RFC 855 explains how to document any new option.

The rules of negotiation

The rules of negotiation for options make it possible to avoid wraparound situations (for example when one of the parties sends option negotiation requests to each confirmation from the other party).

  • Requests must only be issued at the time of a mode change.
  • When one of the parties receives a mode change request, it must only acknowledge it if it is not already in the appropriate mode.
  • A request must only be inserted in the data flow at the place where it takes effect.

Exit control characters

The following characters are commands making it possible to control the network virtual terminal display:

Display control commands
0NULLNullThis command allows data to be sent to the remote host without it being interpreted (in particular to indicate that the local host is still online)
1LFLine FeedThis command makes it possible to place the cursor on the following line, in the same horizontal position
2CRCarriage ReturnThis command makes it possible to place the cursor to the extreme left of the current line

So, the command CFLF is defined, composed of two commands CR and LF one after the other (in any order) making it possible to place the cursor at the extreme left on the following line.

Optional control characters

The previous characters are the only ones (among the 128 basic ASCII code characters and 128 extended ASCII code characters) to have a particular meaning for the network virtual terminal. The following characters can potentially have a meaning on a network virtual terminal but are not necessarily used.

Display control commands
7BELBellThis command allows a sound or visual signal to be issued without changing the cursor position
8BSBackSpaceThis command allows the cursor position to be changed to is previous position
9HTHorizontal TabThis command allows the cursor position to be changed to the next tabbed position to the right
11VTVertical TabThis command allows the cursor position to be changed to the next tabbed position on the line below
12FFForm FeedThis command allows the cursor position to be changed to the bottom of the following page while retaining its horizontal position

Session control characters

The following characters are commands which make it possible to control the Telnet session. In order to be interpreted as such these commands must be preceded by the escape character IAC (Interpret As Command). If these bytes are transmitted without being preceded by the IAC character, they will be processed as simple characters. To transmit the IAC character, it must (itself) be preceded by an escape character, in other words it must be doubled.

The commands relating to an option negotiation must be followed by a byte specifying the option. These commands make it possible to interrupt signals, delete information in the terminal cache, etc.

session control characters
240SEEnd of option negotiation
241NOPNo OperationThis command allows data to be sent to the remote host without it being interpreted (in particular to indicate that the local host is still online)
242DMData MarkMakes it possible to empty all buffers between the virtual network terminal and the remote host. It relates to a push on the NVT Synch button and must be linked to a flagging of the Urgent TCP bit
243BRKBreakBreak character for the virtual terminal
244IPInterrupt ProcessThis command makes it possible to suspend, interrupt or abandon the remote process
245AOAbort OutputThis command makes it possible to suspend, interrupt or abandon the display of the remote process
246AYTAre You ThereThis command makes it possible to check that the remote system is still "alive"
247ECErase CharacterThis command allows the previous character to be deleted.
248ELErase LineThis command allows the previous line to be deleted.
249GAGo AheadThis command makes it possible to reverse control, for half-duplex links
250SBSBThis command indicates that the data which follows is a negotiation for the previous option
251WILLoption code
252WON'Toption code
253DOoption code
254DON'Toption code
255IACInterpret As CommandThis command allows the following byte to be interpreted as a command. The IAC command makes it possible to go beyond the basic commands

More information

Article written by Jeff PILLOU

Ask a question
CCM is a leading international tech website. Our content is written in collaboration with IT experts, under the direction of Jean-François Pillou, founder of CCM reaches more than 50 million unique visitors per month and is available in 11 languages.
This document, titled « Telnet protocol », is available under the Creative Commons license. Any copy, reuse, or modification of the content should be sufficiently credited to CCM (

Subscribe To Our Newsletter!

The Best of CCM in Your Inbox

Subscribe To Our Newsletter!