Quiz Entry - updated: 2026.07.14
Why should SSH (Secure Shell) be used instead of Telnet for remote device management?
Telnet sends everything — including the password — in plaintext that a sniffer reads directly; SSH encrypts the whole session.
* Telnet is plaintext; SSH encrypts the session. *
| Feature | Telnet | SSH |
|---|---|---|
| Port | TCP (Transmission Control Protocol) 23 | TCP 22 |
| Encryption | None — plaintext | Strong encryption (AES, etc.) |
| Authentication | Plaintext username/password | Encrypted username/password |
| Data transmission | Plaintext | Encrypted |
| Security | Easily captured by packet sniffers | Protected from eavesdropping |
Real-world risk: A threat actor using Wireshark can capture a Telnet session and read the username and password directly from the packet capture. With SSH, the captured data is encrypted and unreadable.
Key takeaway: Telnet should never be used on production networks. Always use SSH for remote management. If a device doesn't support SSH, consider using a console cable for local management instead.
Go deeper:
Secure Shell (Wikipedia) — SSH's encrypted transport and authentication, contrasted with plaintext Telnet.