Python: Convert Telnet Application To Ssh

I write a python telnet client to communicate with a server through telnet. However, many people tell me that it's no secure. How can I convert it to ssh? Should I need to totally

Solution 1:

Just create a TCP tunnel via SSH and relay all the data through there, no need to reinvent the wheel. You can find examples in SSH docs under TCP tunneling (man ssh for instance).

But if you really want to rewrite it, then check out paramiko project.

Solution 2:

While Telnet is insecure, it's essentially just a serial console over a network, which makes it easy to code for. SSH is much, much more complex. There's encryption, authentication, negotiation, etc to do. And it's very easy to get wrong in spectacular fashion.

There's nothing wrong with Telnet per se, but if you can change things over the network - and it's not a private network - you're opening yourself up for trouble.

Assuming this is running on a computer, why not restrict the server to localhost? Then ssh into the computer and telnet to localhost? All the security with minimal hassle.

Solution 3:

Use one of these libraries in your Python application to talk to the SSHD daemon on the server:

http://wiki.python.org/moin/SecureShell

You'll want to look at something that will help you set up SSHD in a secure manner like this:

http://www.linuxjournal.com/article/8759

You will also need to ensure that you update the SSHD daemon regularly and make use of keys and strong, rotating passwords. All this should be standard for a telnet application too, but due to the lack of transport level encryption, you really shouldn't be using telnet for anything.