Telnet is still useful on Ubuntu when you need a quick TCP-level check before opening a full application client. Installing Telnet gives you the telnet command for simple port tests against HTTP, SMTP, routers, lab hardware, and older appliances, but its plain-text design makes it unsuitable for normal remote administration.
Ubuntu 26.04, 24.04, and 22.04 all provide the Telnet client through APT. The optional telnetd server package is separate and should only be added for isolated lab or legacy systems where inbound Telnet is genuinely required.
Update Ubuntu Before Installing Telnet
Refresh the local package index before installing Telnet so APT uses the current package metadata for your Ubuntu release:
sudo apt update && sudo apt upgradeRunning apt update refreshes package lists, while apt upgrade applies available package updates before you add the Telnet client or optional server.
This guide uses
sudofor commands that need root privileges. If your user is not in the sudoers file yet, see how to add a user to sudoers on Ubuntu.
Install Telnet Client on Ubuntu
Telnet is available from Ubuntu’s repositories but is not installed by default on standard systems. Install the Telnet client when you only need the telnet command for outbound port checks and service banners:
sudo apt install telnetThe older apt-get install telnet syntax installs the same package and still works in scripts, but the examples below use apt for interactive terminal commands. These commands target Ubuntu’s APT packages; other Linux distributions use their own package managers and package names.
| Package | Repository component | Purpose |
|---|---|---|
telnet | Main | Installs the outbound Telnet client command for port and banner testing. |
telnetd | Universe | Installs the optional Telnet server daemon for inbound legacy access. |
If a minimal or customized system cannot locate telnetd, the Universe component may be disabled. Only the server package needs Universe; the Telnet client package is available from Main. See enable Universe on Ubuntu if you need the optional server package.
Verify Telnet Client Installation on Ubuntu
After installation completes, verify the command path and installed package version:
command -v telnet
apt-cache policy telnetExpected output on Ubuntu 26.04 LTS:
/usr/bin/telnet telnet: Installed: 0.17+2.7-2ubuntu1 Candidate: 0.17+2.7-2ubuntu1
The /usr/bin/telnet path confirms the command is available. Package versions differ by release: Ubuntu 26.04 currently shows 0.17+2.7-2ubuntu1, Ubuntu 24.04 shows 0.17+2.5-3ubuntu4.1, and Ubuntu 22.04 shows 0.17-44build1.
Fix telnet: command not found on Ubuntu
If the shell returns telnet: command not found or -bash: telnet: command not found, the client package is not installed in the current environment. Install the client package, then recheck the command path:
sudo apt install telnet
command -v telnetExpected output after the package installs:
/usr/bin/telnet
Optional: Install Telnet Server on Ubuntu
Install the Telnet server only when the Ubuntu system needs to accept inbound Telnet connections. Telnet sends usernames, passwords, and session data in clear text, so keep this to isolated networks, lab systems, or legacy equipment workflows:
sudo apt install telnetd| Ubuntu release | Installed server packages | Service behavior after install |
|---|---|---|
| Ubuntu 26.04 and 24.04 | telnetd transitional package, inetutils-telnetd, inetutils-inetd, and tcpd | inetutils-inetd is enabled but inactive until the packaged Telnet line is enabled in /etc/inetd.conf. |
| Ubuntu 22.04 | telnetd, openbsd-inetd, tcpd, and libevent-2.1-7 | openbsd-inetd starts immediately because the package adds an active Telnet entry. |
Verify Telnet Server Status on Ubuntu
On Ubuntu 26.04 and 24.04, check the inetutils-inetd service after installing telnetd:
systemctl status inetutils-inetd --no-pagerRelevant output before enabling Telnet access:
inetutils-inetd.service - GNU Network Utilities internet superserver
Loaded: loaded (/usr/lib/systemd/system/inetutils-inetd.service; enabled; preset: enabled)
Active: inactive (dead) (Result: exec-condition)
Condition: start condition unmet
This inactive state is expected on Ubuntu 26.04 and 24.04 until you enable the packaged Telnet service line. On Ubuntu 22.04, check openbsd-inetd instead:
systemctl status openbsd-inetd --no-pagerRelevant output on Ubuntu 22.04 after installation:
inetd.service - Internet superserver
Loaded: loaded (/lib/systemd/system/inetd.service; enabled; vendor preset: enabled)
Active: active (running)
Most systems only need the Telnet client. Do not enable the server for normal administration; use SSH for encrypted remote access instead.
Enable the Telnet Server on Ubuntu 26.04 and 24.04
On Ubuntu 26.04 and 24.04, the package installs a disabled Telnet entry in /etc/inetd.conf. Back up the file, uncomment the packaged line, and restart inetutils-inetd:
sudo cp /etc/inetd.conf /etc/inetd.conf.bak
sudo sed -i 's/^#<off># telnet/telnet/' /etc/inetd.conf
sudo systemctl restart inetutils-inetdVerify the service is now active and listening on port 23:
systemctl status inetutils-inetd --no-pager
ss -tln | grep ':23'Relevant output after enabling the packaged Telnet line:
inetutils-inetd.service - GNU Network Utilities internet superserver
Active: active (running)
LISTEN 0 10 0.0.0.0:23 0.0.0.0:*
Ubuntu 22.04 users can skip this step because the
telnetdpackage adds an active Telnet entry throughopenbsd-inetdduring installation.
Telnet Command Examples for Network Testing on Ubuntu
With Telnet installed, you can test connectivity to remote services and debug network issues. The following table summarizes commonly used Telnet flags:
| Flag | Purpose | Example |
|---|---|---|
-4 | Force IPv4 connection | telnet -4 example.com 80 |
-6 | Force IPv6 connection | telnet -6 example.com 80 |
-b | Bind to a specific local address | telnet -b 192.168.1.50 host 80 |
-d | Enable debug mode | telnet -d example.com 80 |
-E | Disable escape character | telnet -E example.com 80 |
Test HTTP Server Availability with Telnet
Connect to a web server on port 80 to verify HTTP service availability and manually send HTTP requests:
telnet example.com 80Expected output when the connection succeeds:
Trying 93.184.215.14... Connected to example.com. Escape character is '^]'.
Once connected, type the following HTTP GET request followed by pressing Enter twice:
GET / HTTP/1.1
Host: example.comRelevant output includes the HTTP status line and response headers:
HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8
The server responds with HTTP headers and HTML content, confirming the web service is operational. Press Ctrl+] then type quit to exit the Telnet session.
Test SMTP Server Connectivity with Telnet
Verify mail server availability by connecting to the SMTP port (25):
telnet mail.example.com 25Expected output showing the SMTP banner:
Trying 192.0.2.50... Connected to mail.example.com. Escape character is '^]'. 220 mail.example.com ESMTP Postfix (Ubuntu)
A successful connection displays the SMTP banner showing the mail server software and version. This confirms the mail server accepts connections on port 25. Use QUIT to disconnect gracefully.
Test Custom Application Ports with Telnet
Test whether a custom application port is open and accepting connections:
telnet 192.168.1.100 8080Expected output if the connection succeeds:
Trying 192.168.1.100... Connected to 192.168.1.100. Escape character is '^]'.
If the port is closed or filtered by a firewall, the connection times out or displays “Connection refused.”
Force Telnet to Use IPv4 or IPv6
Force Telnet to use IPv4 when connecting to dual-stack hosts:
telnet -4 example.com 80Alternatively, force IPv6 connections with the -6 flag:
telnet -6 example.com 80Ubuntu 26.04 and 24.04 use
inetutils-telnet, which also accepts GNU-style long options:--ipv4,--ipv6, and--bind=ADDRESS. Ubuntu 22.04 uses the netkit Telnet client, which only supports the short flags shown above.
Bind Telnet to a Specific Local Address
When your system has multiple network interfaces, specify which local IP address to use for the outbound connection:
telnet -b 192.168.1.50 example.com 80The -b flag binds the connection to the specified local address, which helps when testing routing configurations or firewall rules tied to specific interfaces.
Restrict Telnet Access with UFW Firewall Rules on Ubuntu
Because Telnet listens on TCP port 23 and sends traffic in plain text, restrict inbound access before you expose the server to any network. The examples below use UFW to allow only trusted sources; for broader firewall setup, see configure UFW on Ubuntu.
Verify UFW Firewall Status on Ubuntu
First, check whether UFW is installed and active on your system:
sudo ufw statusExpected output if UFW is inactive:
Status: inactive
Ubuntu normally includes UFW, but minimal systems may not. If ufw: command not found appears, install UFW first or follow the full UFW guide linked above.
Set conservative defaults before enabling the firewall:
sudo ufw default deny incoming
sudo ufw default allow outgoingExpected output:
Default incoming policy changed to 'deny' Default outgoing policy changed to 'allow'
If you manage this system over SSH, allow SSH before enabling UFW so you do not lock yourself out.
For remote systems, add the OpenSSH rule before turning UFW on:
sudo ufw allow OpenSSHThen enable UFW:
sudo ufw enableExpected output:
Firewall is active and enabled on system startup
Configure Telnet UFW Firewall Rules
Choose the rule that matches the system you are protecting. Source-limited rules should specify proto tcp because Telnet uses TCP port 23.
Allow Telnet from a Trusted IP Address
sudo ufw allow from 192.168.1.10 to any port 23 proto tcp comment "Allow Telnet from trusted host"This restricts Telnet access to one trusted host and labels the rule so it is easier to identify later.
Allow Telnet from a Local Subnet
sudo ufw allow from 192.168.1.0/24 to any port 23 proto tcp comment "Allow Telnet from lab subnet"This permits Telnet connections from any device on your local network (192.168.1.0-192.168.1.255), ideal for internal lab environments.
Block Telnet from a Specific IP Address
sudo ufw deny from 203.0.113.50 to any port 23 proto tcp comment "Deny Telnet from blocked host"This explicitly denies Telnet access from a specific address, useful for blocking known malicious hosts while allowing broader access.
Allow Telnet Globally (Not Recommended)
sudo ufw allow 23/tcp comment "Temporary Telnet testing"This allows Telnet from any IP address. Only use this for temporary testing on isolated networks, and never on production systems or internet-facing servers.
After adding rules, verify the configuration with numbered output so you can review active rules and their priority order:
sudo ufw status numberedExpected output example:
Status: active
To Action From
-- ------ ----
[ 1] 22/tcp ALLOW IN Anywhere
[ 2] 23/tcp ALLOW IN 192.168.1.10
[ 3] 22/tcp (v6) ALLOW IN Anywhere (v6)
The numbered list shows each rule’s position, making it easier to identify and manage specific firewall entries.
Troubleshoot Telnet Connection Issues on Ubuntu
If Telnet connections fail or behave unexpectedly, separate client availability, remote service state, firewall behavior, and server configuration. Each problem points to a different fix.
Resolve Telnet Connection Refused Error on Ubuntu
If you see “Connection refused” when attempting to connect, the remote service is not listening on the specified port.
Error message:
Trying 192.168.1.100... telnet: Unable to connect to remote host: Connection refused
Verify the service is running on the remote host:
ssh user@192.168.1.100 'systemctl status servicename'Alternatively, use nmap to scan the target port and confirm whether it’s open. If Nmap isn’t installed, follow our install Nmap on Ubuntu guide:
nmap -p 23 192.168.1.100Expected output if the port is closed:
PORT STATE SERVICE 23/tcp closed telnet
If the port shows as closed, start the service on the remote system or verify you’re connecting to the correct port number. For additional network scanning techniques, see our Nmap commands guide for beginners.
Fix Telnet Connection Timeout on Ubuntu
Connections that hang without responding typically indicate firewall blocking or network routing issues.
Check local firewall rules first:
sudo ufw status numberedExpected output:
Status: active
To Action From
-- ------ ----
[ 1] 22/tcp ALLOW IN Anywhere
[ 2] 23/tcp DENY OUT Anywhere (out)
[ 3] 22/tcp (v6) ALLOW IN Anywhere (v6)
Verify whether UFW blocks outbound connections to the target port. If necessary, allow outbound Telnet temporarily for testing:
sudo ufw allow out 23/tcp comment "Temporary outbound Telnet test"Verify network connectivity to the remote host:
ping -c 4 192.168.1.100If ping succeeds but Telnet times out, the remote firewall likely blocks port 23. Contact the remote system administrator to allow your IP address through their firewall.
Fix Telnet Server Not Starting on Ubuntu
On Ubuntu 26.04 and 24.04, an inactive inetutils-inetd service with an exec-condition result usually means the Telnet line is still disabled. Confirm the packaged line in /etc/inetd.conf:
grep 'telnet' /etc/inetd.confIf the line still starts with #<off>#, enable it with the command shown earlier and restart inetutils-inetd. If the line is active but the service still fails, inspect the service logs:
sudo journalctl -u inetutils-inetd -n 50On Ubuntu 22.04, use the openbsd-inetd unit name:
sudo journalctl -u openbsd-inetd -n 50Also verify that port 23 is listening after the service starts:
ss -tln | grep ':23'Expected output when Telnet is listening:
LISTEN 0 10 0.0.0.0:23 0.0.0.0:*
Remove Telnet from Ubuntu
If you only installed the Telnet client, remove it with APT:
sudo apt remove --purge telnetIf you also installed the optional server package, remove telnetd and then review the dependency cleanup list before confirming autoremove:
sudo apt remove --purge telnetd
sudo apt autoremove --purgeOn Ubuntu 26.04 and 24.04, autoremove can remove inetutils-telnetd, inetutils-inetd, and tcpd if no other package still needs them. On Ubuntu 22.04, it can remove openbsd-inetd, tcpd, and libevent-2.1-7 when they were installed only for Telnet.
If you enabled the packaged Telnet line but need to keep inetutils-inetd for another service, disable only the Telnet entry instead of removing the inetd package:
sudo sed -i 's/^telnet/#<off># telnet/' /etc/inetd.conf
sudo systemctl restart inetutils-inetdIf you configured UFW rules for Telnet, remove them after uninstalling:
sudo ufw status numberedExpected output showing Telnet rules:
Status: active
To Action From
-- ------ ----
[ 1] 22/tcp ALLOW IN Anywhere
[ 2] 23/tcp ALLOW IN 192.168.1.10
[ 3] 22/tcp (v6) ALLOW IN Anywhere (v6)
Identify the rule number(s) associated with port 23, then delete them. For example, to remove rule 2:
sudo ufw delete 2Expected output:
Deleting: allow from 192.168.1.10 to any port 23 proto tcp Proceed with operation (y|n)? y Rule deleted
Finally, verify the packages are removed with an installed-state check:
dpkg-query -W -f='${db:Status-Abbrev} ${binary:Package}\n' telnet telnetd inetutils-telnet inetutils-telnetd inetutils-inetd openbsd-inetd 2>/dev/null | grep '^ii' || echo "No Telnet client or server packages remain installed."Expected output:
No Telnet client or server packages remain installed.
If the command prints installed packages instead, remove the remaining package or keep it intentionally if another inetd service depends on it.
Conclusion
Telnet now has a clear role on Ubuntu: quick client-side TCP diagnostics by default, with the server path reserved for controlled legacy access. Keep port 23 source-limited when you enable it, remove the server when testing ends, and use install SSH on Ubuntu for encrypted remote administration.
Formatting tips for your comment
You can use basic HTML to format your comment. Useful tags currently allowed in published comments:
<code>command</code>command<strong>bold</strong><em>italic</em><blockquote>quote</blockquote>