It seems like this command should be easier, but it is a little crazy.  Lets say that I don’t know that sshd is listening on port 22.  Here is how to arrive at that:

# netstat -Aan | head
Active Internet connections (including servers)
PCB/ADDR         Proto Recv-Q Send-Q  Local Address      Foreign Address    (state)
f100060001be4b98 tcp4       0      0  *.13               *.*                LISTEN
f100060001bf7b98 tcp        0      0  *.21               *.*                LISTEN
f100060001f60398 tcp4       0      0  *.22               *.*                LISTEN
f100060001bf4b98 tcp        0      0  *.23               *.*                LISTEN

# rmsock f100060001f60398 tcpcb         
The socket 0x1f60008 is being held by proccess 266380 (sshd).
#

You could also use lsof with the socket #, but I don’t usually load that.

Two quick things about telnet:

1. Put a port number behind the host you want to go to and use it as a port checker
2. Learn to script around it with something similar to a where script

So to check ports with telnet, simply add the port number ( here is a test to see if ftp is enabled):

# telnet deadlycoffee.com 21
Trying…
Connected to deadlycoffee.com.
Escape character is ‘^]’.
220———- Welcome to Pure-FTPd [TLS] ———-
220-You are user number 1 of 50 allowed.
220-Local time is now 13:08. Server port: 21.
220 You will be disconnected after 15 minutes of inactivity.
help
214-The following SITE commands are recognized
ALIAS
CHMOD
IDLE
UTIME
214 Pure-FTPd – http://pureftpd.org/
quit
221-Goodbye. You uploaded 0 and downloaded 0 kbytes.
221 Logout.
Connection closed.
#

Next, there are all sort of switches and other systems that I need to get information from that aren’t ssh enabled. Here is a crude way to accomplish what you want with telnet:

(
echo “$USERNAME”
sleep 1
echo “$PASSWORD”
sleep 1
echo “show switch”
sleep 2
) | telnet $HOST