The Telnet protocol is often thought
of as simply providing a facility for remote logins
to computer via the Internet. This was its original
purpose although it can be used for many other purposes.
It is best understood in the context of a user with
a simple terminal using the local telnet program (known
as the client program) to run a login session on a
remote computer where his communications needs are
handled by a telnet server program. It should be emphasised
that the telnet server can pass on the data it has
received from the client to many other types of process
including a remote login server. It is described in
RFC854 and was first published in 1983.
Communication is established using the TCP/IP protocols
and communication is based on a set of facilities
known as a
Network Virtual Terminal (NVT).
At the user or client end the telnet client program
is responsible for mapping incoming NVT codes to the
actual codes needed to operate the user's display
device and is also responsible for mapping user generated
keyboard sequences into NVT sequences.
The NVT uses 7 bit codes for characters, the display
device, referred to as a printer in the RFC, is only
required to display the "standard" printing ASCII
characters represented by 7 bit codes and to recognise
and process certain control codes. The 7 bit characters
are transmitted as 8 bit bytes with most significant
bit set to zero. An end-of-line is transmitted as
the character sequence CR (carriage return) followed
by LF (line feed). If it is desired to transmit an
actual carriage return this is transmitted as a carriage
return followed by a NUL (all bits zero) character.
NVT ASCII is used by many other Internet protocols.
The following control codes are required to be understood
by the Network Virtual Terminal.
| Name |
code |
Decimal Value |
Function |
| NULL
| NUL
| 0
| No operation
|
| Line Feed
| LF
| 10
| Moves the printer to the next print line, keeping
the same horizontal position.
|
| Carriage Return
| CR
| 13
| Moves the printer to the left margin of the
current line.
|
The following further control codes are optional
but should have the indicated defined effect on the
display.
| Name |
code |
Decimal Value |
Function |
| BELL
| BEL
| 7
| Produces an audible or visible signal (which
does NOT move the print head.
|
| Back Space
| BS
| 8
| Moves the print head one character position
towards the left margin. [On a printing devices
this mechanism was commonly used to form composite
characters by printing two basic characters on
top of each other.]
|
| Horizontal Tab
| HT
| 9
| Moves the printer to the next horizontal tab
stop. It remains unspecified how either party
determines or establishes where such tab stops
are located.
|
| Vertical Tab
| VT
| 11
| Moves the printer to the next vertical tab stop.
It remains unspecified how either party determines
or establishes where such tab stops are located.
|
| Form Feed
| FF
| 12
| Moves the printer to the top of the next page,
keeping the same horizontal position. [On visual
displays this commonly clears the screen and moves
the cursor to the top left corner.]
|
The NVT keyboard is specified as being capable of
generating all 128 ASCII codes by using keys, key
combinations or key sequences.
Commands
The telnet protocol also specifies various commands
that control the method and various details of the
interaction between the client and server. These commands
are incorporated within the data stream. The commands
are distinguished by the use of various characters
with the most significant bit set. Commands are always
introduced by a character with the decimal code 255
known as an
Interpret as command (IAC) character.
The complete set of special characters is
| Name |
Decimal Code |
Meaning |
| SE
| 240
| End of subnegotiation parameters.
|
| NOP
| 241
| No operation
|
| DM
| 242
| Data mark. Indicates the position of a Synch
event within the data stream. This should always
be accompanied by a TCP urgent notification.
|
| BRK
| 243
| Break. Indicates that the "break" or "attention"
key was hit.
|
| IP
| 244
| Suspend, interrupt or abort the process to which
the NVT is connected.
|
| AO
| 245
| Abort output. Allows the current process to
run to completion but do not send its output to
the user.
|
| AYT
| 246
| Are you there. Send back to the NVT some visible
evidence that the AYT was received.
|
| EC
| 247
| Erase character. The receiver should delete
the last preceding undeleted character from the
data stream.
|
| EL
| 248
| Erase line. Delete characters from the data
stream back to but not including the previous
CRLF.
|
| GA
| 249
| Go ahead. Used, under certain circumstances,
to tell the other end that it can transmit.
|
| SB
| 250
| Subnegotiation of the indicated option follows.
|
| WILL
| 251
| Indicates the desire to begin performing, or
confirmation that you are now performing, the
indicated option.
|
| WONT
| 252
| Indicates the refusal to perform, or continue
performing, the indicated option.
|
| DO
| 253
| Indicates the request that the other party perform,
or confirmation that you are expecting the other
party to perform, the indicated option.
|
| DONT
| 254
| Indicates the demand that the other party stop
performing, or confirmation that you are no longer
expecting the other party to perform, the indicated
option.
|
| IAC
| 255
| Interpret as command
|
There are a variety of options that can be negotiated
between a telnet client and server using commands
at any stage during the connection.
Common Telnet options:
| Decimal code |
Option Name |
RFC |
| 0
| Transmit Binary
| 856
|
| 1
| Echo
| 857
|
| 3
| Suppress Go Ahead
| 858
|
| 5
| Status
| 859
|
| 6
| Timing Mark
| 860
|
| 24
| Terminal Type
| 1091
|
| 31
| Window Size
| 1073
|
| 32
| Terminal Speed
| 1079
|
| 33
| Remote Flow Control
| 1372
|
| 34
| Linemode
| 1184
|
| 36
| Environment Variables
| 1408
|
All Telnet options:
| Decimal Code |
Option Name |
RFC |
| 0 |
Transmit Binary |
856 |
| 1 |
Echo |
857 |
| 2 |
Reconnection |
|
| 3 |
Suppress Go Ahead |
858 |
| 4 |
Approx Message Size Negotiation. |
|
| 5 |
Status |
859 |
| 6 |
Timing Mark |
860 |
| 7 |
Remote Controlled Trans and Echo |
563,
726 |
| 8 |
Output Line Width |
|
| 9 |
Output Page Size |
|
| 10 |
Negotiate About Output Carriage-Return Disposition |
652 |
| 11 |
Negotiate About Output Horizontal Tabstops |
653 |
| 12 |
NAOHTD, Negotiate About Output Horizontal Tab
Disposition |
654 |
| 13 |
Negotiate About Output Formfeed Disposition |
655 |
| 14 |
Negotiate About Vertical Tabstops |
656 |
| 15 |
Negotiate About Output Vertcial Tab Disposition |
657 |
| 16 |
Negotiate About Output Linefeed Disposition |
658 |
| 17 |
Extended ASCII. |
698 |
| 18 |
Logout. |
727 |
| 19 |
Byte Macro |
735 |
| 20 |
Data Entry Terminal |
732,1043 |
| 21 |
SUPDUP |
734,
736 |
| 22 |
SUPDUP Output |
749 |
| 23 |
Send Location |
779 |
| 24 |
Terminal Type |
1091 |
| 25 |
End of Record |
885 |
| 26 |
TACACS User Identification |
927 |
| 27 |
Output Marking |
933 |
| 28 |
TTYLOC, Terminal Location Number. |
946 |
| 29 |
Telnet 3270 Regime |
1041 |
| 30 |
X.3 PAD. |
1053 |
| 31 |
NAWS, Negotiate About Window Size. |
1073 |
| 32 |
Terminal Speed |
1079 |
| 33 |
Remote Flow Control |
1372 |
| 34 |
Linemode |
1184 |
| 35 |
X Display Location. |
1096 |
| 36 |
Environment |
1408 |
| 37 |
Authentication |
1416,
2941, 2942,
2943,2951 |
| 38 |
Encryption Option |
2946 |
| 39 |
New Environment |
1572 |
| 40 |
TN3270E |
2355 |
| 41 |
XAUTH |
|
| 42 |
CHARSET |
2066 |
| 43 |
RSP, Telnet Remote Serial Port |
|
| 44 |
Com Port Control |
2217 |
| 45 |
Telnet Suppress Local Echo |
|
| 46 |
Telnet Start TLS |
|
| 47 |
KERMIT |
2840 |
| 48 |
SEND-URL |
|
| 49 |
FORWARD_X |
|
50
-
137 |
|
|
| 138 |
TELOPT PRAGMA LOGON |
|
| 139 |
TELOPT SSPI LOGON |
|
| 140 |
TELOPT PRAGMA HEARTBEAT |
|
141
-
254 |
|
|
| 255 |
Extended-Options-List |
RFC 861 |
Options are agreed by a process of negotiation which
results in the client and server having a common view
of various extra capabilities that affect the interchange
and the operation of applications.
Either end of a telnet dialogue can enable or disable
an option either locally or remotely. The initiator
sends a 3 byte command of the form
IAC,<type of operation>,<option>
The response is of the same form.
Operation is one of
| Description
| Decimal Code
| Action
|
| WILL
| 251
| Sender wants to do something.
|
| WONT
| 252
| Sender doesn't want to do something.
|
| DO
| 253
| Sender wants the other end to do something.
|
| DONT
| 254
| Sender wants the other not to do something.
|
Associated with each of the these there are various
possible responses
| Sender Sent
| Receiver Responds
| Implication
|
| WILL
| DO
| The sender would like to use a certain facility
if the receiver can handle it. Option is now in
effect
|
| WILL
| DONT
| Receiver says it cannot support the option.
Option is not in effect.
|
| DO
| WILL
| The sender says it can handle traffic from the
sender if the sender wishes to use a certain option.
Option is now in effect.
|
| DO
| WONT
| Receiver says it cannot support the option.
Option is not in effect.
|
| WONT
| DONT
| Option disabled. DONT is only valid response.
|
| DONT
| WONT
| Option disabled. WONT is only valid response.
|
For example if the sender wants the other end to
suppress go-ahead it would send the byte sequence
255(IAC),251(WILL),3
The final byte of the three byte sequence identifies
the required action.
For some of the negotiable options values need to
be communicated once support of the option has been
agreed. This is done using
sub-option negotiation.
Values are communicated via an exchange of value query
commands and responses in the following form.
IAC,SB,<option code number>,1,IAC,SE
and
IAC,SB,<option code>,0,<value>,IAC,SE
For example if the client wishes to identify the
terminal type to the server the following exchange
might take place
Client 255(IAC),251(WILL),24
Server 255(IAC),253(DO),24
Server 255(IAC),250(SB),24,1,255(IAC),240(SE)
Client 255(IAC),250(SB),24,0,'V','T','2','2','0',255(IAC),240(SE)
The first exchange establishes that terminal type (option
number 24) will be handled, the server then enquires
of the client what value it wishes to associate with
the terminal type. The sequence SB,24,1 implies sub-option
negotiation for option type 24, value required (1).
The IAC,SE sequence indicates the end of this request.
The repsonse IAC,SB,24,0,'V'... implies sub-option negotiation
for option type 24, value supplied (0), the IAC,SE sequence
indicates the end of the response (and the supplied
value).
The encoding of the value is specific to the option
but a sequence of characters, as shown above, is common.
No comments:
Post a Comment