Is telnet secure through SSH tunneling
Yes. Controlling a Telnet client through an SSH tunnel is, in practice, as safe from eavesdropping as using any other program (e.g. a Bash shell) through the tunnel.
Telnet is called an insecure protocol because Telnet traffic is plain text which can be read and modified by anyone on the route between client and server (a man-in-the-middle attack). But if you're exchanging packets with localhost
, there is no actual network traffic leaving the machine that could be sniffed or intercepted. Both Telnet client and server are on the same host, and the fact that you're using SSH to connect to that host doesn't put that local connection at risk.
The traffic cannot be sniffed. It is not ideal - you're adding extra steps to arrive at a secure connection, so performance will suffer - but it is safe from sniffing at least at the network level. Obviously, if the server is compromised, the traffic can be sniffed, but you will have other problems by then.
Since someone told me to add this here is an edit: It is not ideal because you have to utilize two additional steps to initiate a connection and secure it. One is prohibit every incoming connection to the telnet service and second is to work around that prohibition. That simply leaves more space for errors than simply using SSH in the first place. That's not ideal but sometimes the best of valid options.