How to Install Telnet on Ubuntu (26.04, 24.04, 22.04)

When you install Telnet on Ubuntu, you add a network diagnostic tool for testing connectivity to remote services. Common use cases include verifying SMTP server availability on port 25, testing HTTP responses on port 80, debugging service connectivity, and accessing legacy equipment that lacks SSH support. Telnet transmits all data in plain text, including passwords, making it unsuitable for production environments. Administrators use Telnet primarily for local network troubleshooting and testing where SSH isn’t available or necessary.

Ubuntu includes the Telnet client and server in its default repositories across all supported LTS releases. You will install both packages, test connectivity to HTTP, SMTP, and custom application ports, enable the Telnet server on Ubuntu 26.04 and 24.04, restrict incoming connections with UFW firewall rules, and troubleshoot common connection issues.

Update Ubuntu Before Installing Telnet

Before installing Telnet, first update your Ubuntu system to ensure you have the latest package versions and security patches:

sudo apt update && sudo apt upgrade

Running apt update refreshes your package index, while apt upgrade installs available updates. This ensures Telnet and its dependencies install correctly without version conflicts.

This guide uses sudo for commands that need root privileges. If your user is not in the sudoers file yet, see how to add a user to sudoers on Ubuntu.

Install Telnet Client and Server on Ubuntu

Ubuntu includes Telnet packages in the default repository. Most users only need the Telnet client to test remote services; however, you can install both client and server if you need to accept incoming Telnet connections:

sudo apt install telnet telnetd

The telnet package provides the client for connecting to remote systems, while telnetd installs the Telnet server daemon (inetd) that listens for incoming connections. If you only need to test remote services, install just the client with sudo apt install telnet.

On Ubuntu 26.04 and 24.04 LTS, telnetd is a transitional dummy package that installs inetutils-telnetd and inetutils-inetd as the actual server packages. On Ubuntu 22.04 LTS, telnetd is the real server package from netkit-telnet, with openbsd-inetd providing the inet daemon. The installation command works identically across all supported releases.

Verify Telnet Client Installation on Ubuntu

After installation completes, verify the Telnet client is accessible by checking the installed package version:

apt-cache policy telnet

Expected output on Ubuntu 24.04 LTS:

telnet:
  Installed: 0.17+2.5-3ubuntu4.1
  Candidate: 0.17+2.5-3ubuntu4.1

The Installed line confirms the Telnet client is ready to use. Version numbers differ by release: Ubuntu 26.04 shows 0.17+2.7-2ubuntu1, Ubuntu 24.04 shows 0.17+2.5-3ubuntu4.1, and Ubuntu 22.04 shows 0.17-44build1.

Verify Telnet Server Status on Ubuntu

If you installed the Telnet server (telnetd), the service name differs between Ubuntu releases. On Ubuntu 26.04 and 24.04 LTS, check inetutils-inetd:

systemctl status inetutils-inetd

Expected output on Ubuntu 26.04 and 24.04 LTS:

○ inetutils-inetd.service - GNU Network Utilities internet superserver
     Loaded: loaded (/usr/lib/systemd/system/inetutils-inetd.service; enabled)
     Active: inactive (dead)
  Condition: start condition unmet
       Docs: man:inetutils-inetd(8)

On Ubuntu 22.04 LTS, the service uses a different name:

systemctl status openbsd-inetd

Expected output on Ubuntu 22.04 LTS:

● inetd.service - Internet superserver
     Loaded: loaded (/lib/systemd/system/inetd.service; enabled)
     Active: active (running)
   Main PID: 18501 (inetd)

On Ubuntu 26.04 and 24.04, the inetutils-inetd service stays inactive until you configure a service entry in /etc/inetd.d/ (see the section below). On Ubuntu 22.04, the telnetd package automatically adds a Telnet entry to /etc/inetd.conf, so the service starts immediately after installation.

Most users only need the Telnet client for testing remote services, which works immediately without the server running. Only enable the server if you need to accept incoming Telnet connections on your system.

Enable the Telnet Server on Ubuntu 26.04 and 24.04

On Ubuntu 26.04 and 24.04, the inetutils-inetd service requires a configuration entry before it starts. Create a Telnet service file in /etc/inetd.d/:

echo "telnet stream tcp nowait root /usr/sbin/telnetd telnetd" | sudo tee /etc/inetd.d/telnet

The pipe to sudo tee writes the file with root privileges. Standard shell redirection (>) does not inherit sudo, so tee handles file creation in root-owned directories.

Restart the service to apply the configuration:

sudo systemctl restart inetutils-inetd

Verify the service is now active and listening on port 23:

systemctl status inetutils-inetd

Expected output:

● inetutils-inetd.service - GNU Network Utilities internet superserver
     Loaded: loaded (/usr/lib/systemd/system/inetutils-inetd.service; enabled)
     Active: active (running)
       Docs: man:inetutils-inetd(8)

Ubuntu 22.04 users can skip this step. The telnetd package on 22.04 automatically configures /etc/inetd.conf and starts the service during installation.

Telnet Command Examples for Network Testing on Ubuntu

With Telnet installed, you can test connectivity to remote services and debug network issues. The following table summarizes commonly used Telnet flags:

Flag	Purpose	Example
-4	Force IPv4 connection	telnet -4 example.com 80
-6	Force IPv6 connection	telnet -6 example.com 80
-b	Bind to a specific local address	telnet -b 192.168.1.50 host 80
-d	Enable debug mode	telnet -d example.com 80
-E	Disable escape character	telnet -E example.com 80

Test HTTP Server Availability with Telnet

Connect to a web server on port 80 to verify HTTP service availability and manually send HTTP requests:

telnet example.com 80

Expected output when the connection succeeds:

Trying 93.184.215.14...
Connected to example.com.
Escape character is '^]'.

Once connected, type the following HTTP GET request followed by pressing Enter twice:

GET / HTTP/1.1
Host: example.com

Expected output showing the HTTP response:

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
...

The server responds with HTTP headers and HTML content, confirming the web service is operational. Press Ctrl+] then type quit to exit the Telnet session.

Test SMTP Server Connectivity with Telnet

Verify mail server availability by connecting to the SMTP port (25):

telnet mail.example.com 25

Expected output showing the SMTP banner:

Trying 192.0.2.50...
Connected to mail.example.com.
Escape character is '^]'.
220 mail.example.com ESMTP Postfix (Ubuntu)

A successful connection displays the SMTP banner showing the mail server software and version. This confirms the mail server accepts connections on port 25. Use QUIT to disconnect gracefully.

Test Custom Application Ports with Telnet

Test whether a custom application port is open and accepting connections:

telnet 192.168.1.100 8080

Expected output if the connection succeeds:

Trying 192.168.1.100...
Connected to 192.168.1.100.
Escape character is '^]'.

If the port is closed or filtered by a firewall, the connection times out or displays “Connection refused.”

Force Telnet to Use IPv4 or IPv6

Force Telnet to use IPv4 when connecting to dual-stack hosts:

telnet -4 example.com 80

Alternatively, force IPv6 connections with the -6 flag:

telnet -6 example.com 80

Ubuntu 26.04 and 24.04 use inetutils-telnet, which also accepts GNU-style long options: --ipv4, --ipv6, and --bind=ADDRESS. Ubuntu 22.04 uses the netkit Telnet client, which only supports the short flags shown above.

Bind Telnet to a Specific Local Address

When your system has multiple network interfaces, specify which local IP address to use for the outbound connection:

telnet -b 192.168.1.50 example.com 80

The -b flag binds the connection to the specified local address, which helps when testing routing configurations or firewall rules tied to specific interfaces.

Restrict Telnet Access with UFW Firewall Rules on Ubuntu

Since Telnet transmits data in plain text, restricting access using Ubuntu’s UFW firewall reduces exposure to unauthorized connections. By allowing Telnet only from trusted IP addresses or subnets, you limit the attack surface while maintaining functionality for legitimate testing and troubleshooting. For comprehensive UFW configuration guidance, see our complete UFW firewall guide for Ubuntu. Additionally, for systems requiring mandatory access controls beyond firewall rules, consider enabling AppArmor on Ubuntu to enforce security policies at the application level.

Verify UFW Firewall Status on Ubuntu

First, check whether UFW is installed and active on your system:

sudo ufw status

Expected output if UFW is inactive:

Status: inactive

Ubuntu includes UFW by default on desktop and server installations. If the firewall is inactive, you’ll enable it in the next step after configuring default policies.

Before enabling UFW, ensure SSH access is allowed to prevent remote lockout. If you manage the server remotely, run sudo ufw allow OpenSSH before enabling the firewall.

If UFW is inactive, enable it with the following command:

sudo ufw enable

Expected output:

Firewall is active and enabled on system startup

Once enabled, UFW begins enforcing the configured rules immediately.

After enabling UFW, configure the default policies to deny incoming connections while allowing outgoing traffic:

sudo ufw default deny incoming
sudo ufw default allow outgoing

These defaults block unwanted inbound connections while permitting your system to initiate connections to external services. Most Ubuntu systems already use these defaults, but setting them explicitly ensures consistent behavior.

Configure Telnet UFW Firewall Rules

Choose the rule that matches your security requirements.

Allow Telnet from a Trusted IP Address

sudo ufw allow from 192.168.1.10 to any port 23

This restricts Telnet access to a single trusted IP address, suitable for one-to-one administration scenarios.

Allow Telnet from a Local Subnet

sudo ufw allow from 192.168.1.0/24 to any port 23

This permits Telnet connections from any device on your local network (192.168.1.0-192.168.1.255), ideal for internal lab environments.

Block Telnet from a Specific IP Address

sudo ufw deny from 203.0.113.50 to any port 23

This explicitly denies Telnet access from a specific address, useful for blocking known malicious hosts while allowing broader access.

Allow Telnet Globally (Not Recommended)

sudo ufw allow 23/tcp

This allows Telnet from any IP address. Only use this for temporary testing on isolated networks, and never on production systems or internet-facing servers.

After adding rules, verify the configuration with sudo ufw status numbered to review active rules and their priority order.

Expected output example:

Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     ALLOW IN    Anywhere
[ 2] 23                         ALLOW IN    192.168.1.10
[ 3] 22/tcp (v6)                ALLOW IN    Anywhere (v6)

The numbered list shows each rule’s position, making it easier to identify and manage specific firewall entries.

Troubleshoot Telnet Connection Issues on Ubuntu

If Telnet connections fail or behave unexpectedly, the following troubleshooting steps help identify and resolve common issues.

Resolve Telnet Connection Refused Error on Ubuntu

If you see “Connection refused” when attempting to connect, the remote service is not listening on the specified port.

Error message:

Trying 192.168.1.100...
telnet: Unable to connect to remote host: Connection refused

Verify the service is running on the remote host:

ssh user@192.168.1.100 'systemctl status servicename'

Alternatively, use nmap to scan the target port and confirm whether it’s open. If Nmap isn’t installed, follow our Nmap installation guide for Ubuntu:

nmap -p 23 192.168.1.100

Expected output if the port is closed:

PORT   STATE  SERVICE
23/tcp closed telnet

If the port shows as closed, start the service on the remote system or verify you’re connecting to the correct port number. For additional network scanning techniques, see our Nmap commands guide for beginners.

Fix Telnet Connection Timeout on Ubuntu

Connections that hang without responding typically indicate firewall blocking or network routing issues.

Check local firewall rules:

sudo ufw status numbered

Expected output:

Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     ALLOW IN    Anywhere
[ 2] 23/tcp                     DENY OUT    Anywhere (out)
[ 3] 22/tcp (v6)                ALLOW IN    Anywhere (v6)

Verify whether UFW blocks outbound connections to the target port. If necessary, allow outbound Telnet temporarily for testing:

sudo ufw allow out 23/tcp

Verify network connectivity to the remote host:

ping -c 4 192.168.1.100

If ping succeeds but Telnet times out, the remote firewall likely blocks port 23. Contact the remote system administrator to allow your IP address through their firewall.

Fix Telnet Server Not Starting on Ubuntu

If the inetd service fails to start after configuration, check the systemd logs for error details. On Ubuntu 26.04 and 24.04 LTS:

sudo journalctl -u inetutils-inetd -n 50

On Ubuntu 22.04 LTS:

sudo journalctl -u openbsd-inetd -n 50

Expected output showing recent log entries:

Dec 10 15:30:00 ubuntu systemd[1]: Condition check resulted in inetutils-inetd.service being skipped.
Dec 10 15:30:00 ubuntu systemd[1]: inetutils-inetd.service: Unit cannot be reloaded because it is inactive.

Common causes include port conflicts (another service already using port 23) or misconfigured /etc/inetd.conf. Verify no other service is bound to port 23:

sudo ss -tlnp | grep :23

Expected output if port 23 is in use:

LISTEN 0      128          0.0.0.0:23        0.0.0.0:*    users:(("inetd",pid=1234,fd=5))

If another service occupies the port, stop that service or reconfigure Telnet to use an alternate port in /etc/inetd.conf.

Remove Telnet From Ubuntu

If you no longer need Telnet, remove both the client and server packages with the following command:

sudo apt remove --purge telnet telnetd

The --purge flag removes configuration files along with the packages. This stops the inetutils-inetd service and uninstalls the Telnet daemon completely.

Next, remove orphaned dependencies that are no longer required:

sudo apt autoremove

This removes the actual server packages (inetutils-telnetd and inetutils-inetd on Ubuntu 26.04/24.04, or openbsd-inetd on Ubuntu 22.04) that were automatically installed as dependencies.

If you created a Telnet configuration file in /etc/inetd.d/ on Ubuntu 26.04 or 24.04, remove it manually:

sudo rm -f /etc/inetd.d/telnet

If you configured UFW rules for Telnet, remove them after uninstalling:

sudo ufw status numbered

Expected output showing Telnet rules:

Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     ALLOW IN    Anywhere
[ 2] 23                         ALLOW IN    192.168.1.10
[ 3] 22/tcp (v6)                ALLOW IN    Anywhere (v6)

Identify the rule number(s) associated with port 23, then delete them. For example, to remove rule 2:

sudo ufw delete 2

Expected output:

Deleting:
 allow from 192.168.1.10 to any port 23
Proceed with operation (y|n)? y
Rule deleted

Finally, verify the packages are removed:

apt-cache policy telnet telnetd

Expected output:

telnet:
  Installed: (none)
  Candidate: 0.17+2.5-3ubuntu4.1
telnetd:
  Installed: (none)
  Candidate: 0.17+2.5-3ubuntu4.1

Both packages showing Installed: (none) confirms complete removal. The candidate version remains visible because the packages are still available in the Ubuntu repositories.

Frequently Asked Questions About Telnet on Ubuntu

Conclusion

Telnet is installed and ready for network diagnostics on Ubuntu, from testing HTTP and SMTP availability to debugging custom application ports. If you enabled the server, UFW rules restrict access to trusted addresses and limit plain-text exposure. For production remote access, use SSH for encrypted traffic and key-based authentication. See our SSH installation and hardening guide for Ubuntu to configure secure remote access.