tftpd(ADMN)


tftpd -- Trivial File Transfer Protocol server

Syntax

/etc/tftpd [ -b ] [ -s ] [ homedir ]

Description

tftpd is a server that supports the Trivial File Transfer Protocol (TFTP). It can be run in secure or unsecure mode. Run in unsecure mode, tftpd may create security holes in your system.

tftpd is normally started by inetd(ADMN) and operates at the port indicated in the tftp Internet service description in the /etc/inetd.conf file. By default, the entry for tftpd in /etc/inetd.conf is commented out to ensure it is only started intentionally with consideration for the security issues.

tftpd does not require that the client user have an account nor that the client user provide a password. Due to his lack of user authentication, tftpd will allow only publicly readable files to be accessed. Further, files may be written only if they already exist and are publicly writable. Note that this extends the concept of ``public'' to include all users on all hosts that can reach this host through the network; this may not be appropriate on all systems, and its implications should be considered before enabling this service.

In unsecure mode, tftpd allows access to all ``public'' files on the system. In secure mode, tftpd allows access only to ``public'' files that are located in a specified directory.

Options


-b
Normally the TFTP server ignores requests that are sent to a broadcast address, since this behavior is recommended by RFC 1123. If for some reason it is desirable to answer broadcast TFTP requests, the -b option may be used to disable this check.

homedir
Before responding to a request, tftpd attempts to change its current directory to homedir. The default value is /tftpboot. In unsecure mode, the change need not succeed for tftpd to continue.

-s
Run tftpd in secure mode. Before responding to a request, tftpd attempts to change its current directory and root directory to homedir. The default value is /tftpboot. If this change fails, access is denied.

Enabling tftpd in secure or unsecure mode

To enable tftpd in unsecure mode, uncomment the following line in /etc/inetd.conf:
#tftp	dgram	udp   wait   nouser	/etc/tftpd   tftpd
See below for when this change takes effect.

To enable tftpd in secure mode:

  1. uncomment the following line in /etc/inetd.conf:
    #tftp	dgram	udp   wait   root	/etc/tftpd   tftpd -s /tftpboot
    

  2. manually create the directory /tftpboot
Any changes you make to /etc/inetd.conf take effect the next time TCP/IP starts unless you dynamically reconfigure inetd by killing it with a SIGHUP as follows:

ps -ef | grep inetd
kill -HUP pid_of_inetd_process

Limitations

Due to the limitations of the TFTP protocol, the integrity of the data cannot be guaranteed for multiple file transfers using the get or put commands.

See also

inetd(ADMN), inetd.conf(SFF), services(SFF), tftp(TC)

Standards conformance

tftpd is conformant with:

RFC 1123, RFC 1350 (STD 33)


© 2005 The SCO Group, Inc. All rights reserved.
SCO OpenServer Release 6.0.0 -- 02 June 2005