The difference between SSH and Telnet

ssh  is encrypted, based on   . telnet  is a plaintext transmission, the data sent by the listener does not need to decrypt the content can be seen. Two non-generic, now not recommended to use  telnet . Because now the network monitoring means very developed. And it's easy for the middle man to attack. = = The following is a reference = = Secure Sockets Layer (Secure sockets layer,) and its successor Transport Layer Security (transport layer security, ) is a security protocol that provides security and data integrity for network communications. To encrypt the network connection at the transport layer. ============== uses the key algorithm to provide endpoint authentication and communication secrecy on the Internet, which is based on the public Key Infrastructure (). In a typical example of implementation, however, only network services are reliably authenticated, and their clients are not necessarily. This is because the public key infrastructure is generally commercially operating, and electronic signature certificates are expensive to buy, and a certificate that the general public can hardly afford. The protocol is designed to to some extent enable the client/server application communication itself to prevent eavesdropping, interference (tampering), and message forgery. TLS contains three basic phases:   1.  peer negotiation supported key algorithm    2.  private key encryption Exchange public key, certificate-based identity authentication     3.  data transmission secrecy based on public key cryptography in the first phase, the client negotiates with the server with the cryptographic algorithm.   currently widely implemented algorithms are selected as follows:    *  public key security system:, Diffie-hellman, and fortezza;    *   Private key security system: RC2, RC4 、、、 triple  and;    *  one-way hash function: MD5 and. ========== below briefly describes how the SSL protocol works. The client wants to send and receive several handshake signals:    *  sends a CLIENTHELLO message stating the list of cryptographic algorithms it supports, the compression method and the highest protocol version, and also the random number that will be used later.     *  then receives a Serverhello message that contains the connection parameters selected by the server, originating from the Clien that the client initially providedThello.     *  When both parties know the connection parameters, the client exchanges the certificate with the server (relying on the selected public key System). These certificates are usually based on the OpenPGP, but there are already drafts that support certificates based on the. The     *  server requests the client public key. The client has a certificate, two-way authentication, and a public key is randomly generated without a certificate.     *  client and server negotiate a common primary private key through public key secrecy (random negotiation between the parties), which is implemented by carefully designed pseudo-random number functions. The result may be a diffie-hellman interchange, or a simplified public key encryption, each of which decrypts with the private key. This "Master key" is used for all other key data encryption. The recording layer (Record layer) in data transmission is used to encapsulate higher-level protocols. The recording layer data can be compressed, encrypted, and compressed together with the message verification code. Each record-level package has a content-type segment to record the protocol for the higher layer. Tls/ssl has a variety of security measures:    *  all record layer data are numbered for message verification code validation. = = = Reference Complete = = above refers to self-dimension (anti-diarrhea patch) base (anti-blood-drink patch) hundred (anti-nuclear break patch)  -------------------------------------------------ssh1  and  ssh2  is a two-level version of security. ssh2  is more secure. But it seems that some of the system's  ssh2  support is to be charged separately for use. The telnet  port defaults to  21 ,ssh  and  Telnet  are incompatible, so he was designed to differentiate by default  22  port. ssh  when to use depends on when you want to link the server, and when the server opened  ssh  service. ssh  only theory, no actual content, if you want the actual content, please see  TLS  the relevant algorithm part. ssh  is a remote control method that uses a cryptographic protocol based on a network layer. As for the link is not up, it depends on how can not link: 1, the server's  ssh  service is started 2, the firewall is open port 3, the network is unobstructed 4, the user is usedCan be remotely linked  ssh  controlled 5, port is  226, client software is compatible with server-side software 7 、...... 8 、............ ssh  Sometimes it's just a transition transfer protocol, which can be set up to graphically manipulate the graphical interface of the remote server in  ssh . However, it is necessary to install the appropriate support program, and to set the appropriate settings, but also to open the appropriate features. telnet  of course, not encryption is always the best use. You can't even know when a hijacked server is being hijacked by someone listening to you. Because the  telnet  link is the direct white send the user name and password. Be aware that all the data sent by the hub inside the LAN is broadcast to all the network cards that are linked to the hub to send all the data. This time, do not need any hacker knowledge, find a monitoring software can directly intercept your password

Note: On the Baidu to see the feeling is very good collection down!!!

The difference between SSH and Telnet