<refentry id="tftpd">

<refmeta>
<refentrytitle>tftpd</refentrytitle>
<manvolnum>8</manvolnum>
<refmiscinfo>iputils-&snapshot;</refmiscinfo>
</refmeta>

<refnamediv>
<refname>tftpd</refname>
<refpurpose>Trivial File Transfer Protocol server</refpurpose>
</refnamediv>

<refsynopsisdiv>
<cmdsynopsis>
<command>tftpd</command>
<arg choice="req"><replaceable/directory/</arg>
</cmdsynopsis>
</refsynopsisdiv>

<refsect1><title>DESCRIPTION</title>
<para>
<command/tftpd/ is a server which supports the DARPA
Trivial File Transfer Protocol
(<ulink url="http://tools.ietf.org/rfc/rfc1350.txt">RFC1350</ulink>).
The TFTP server is started
by <citerefentry><refentrytitle/inetd/<manvolnum/8/</citerefentry>.
</para>

<para>
<replaceable/directory/ is a required argument; if it is not given,
<command/tftpd/ aborts. This path is prepended to any file name requested
via the TFTP protocol, effectively chrooting <command/tftpd/ to this directory.
File names are validated so that they cannot escape from this directory;
however, the administrator may configure such an escape using symbolic links.
</para>

<para>
This differs from the variants of <command/tftpd/ usually distributed
with Unix-like systems, which take a list of directories and match
file names against one of the given prefixes, or against some arbitrary
default when no arguments are given. There are two reasons not to
behave in this way: first, it is inconvenient, since clients are not expected
to know anything about the layout of the filesystem on the server host.
And second, the TFTP protocol is not a tool for browsing the server's filesystem;
it is just an agent that allows dumb clients to boot.
</para>

<para>
When <command/tftpd/ is used together with
<link linkend="rarpd">
<citerefentry><refentrytitle/rarpd/<manvolnum/8/</citerefentry></link>,
the tftp directories of these services should coincide, and it is expected
that each client booted via TFTP has a boot image corresponding to
its IP address, with an architecture suffix following Sun Microsystems
conventions. See
<link linkend="rarpd">
<citerefentry><refentrytitle/rarpd/<manvolnum/8/</citerefentry></link>
for more details.
</para>
</refsect1>

<refsect1><title>SECURITY</title>
<para>
The TFTP protocol does not provide any authentication.
Because of this fundamental flaw, <command/tftpd/ is not able to restrict
access to files and will allow only publicly readable
files to be accessed. Files may be written only if they already
exist and are publicly writable.
</para>

<para>
The impact is evident: a directory exported via TFTP <emphasis/must not/
contain sensitive information of any kind, since everyone is allowed
to read it as soon as any client is allowed. Boot images do not contain
such information as a rule; however, you should think twice before
publishing, for example, Cisco IOS config files via TFTP: they contain
<emphasis/unencrypted/ passwords and may contain information
about the network which you did not intend to make public.
</para>

<para>
The <command/tftpd/ server should be executed by <command/inetd/
with dropped root privileges, namely with a user ID giving minimal
access to the files published in the tftp directory. If it happens to be
executed as the superuser, <command/tftpd/ drops its UID and GID
to 65534, which is most likely not what you expect.
However, this is not very essential; remember, only files accessible
to everyone can be read or written via TFTP.
</para>

</refsect1>


<refsect1><title>SEE ALSO</title>
<para>
<link linkend="rarpd">
<citerefentry><refentrytitle/rarpd/<manvolnum/8/</citerefentry></link>,
<citerefentry><refentrytitle/tftp/<manvolnum/1/</citerefentry>,
<citerefentry><refentrytitle/inetd/<manvolnum/8/</citerefentry>.
</para>
</refsect1>

<refsect1><title>HISTORY</title>
<para>
The <command/tftpd/ command appeared in 4.2BSD. The source in iputils
is cleaned up both syntactically (ANSIized) and semantically (UDP socket IO).
</para>
<para>
It is distributed with iputils mostly as a good demonstration of an interesting feature
(<constant/MSG_CONFIRM/) that allows large images to be booted by dumb clients
which do not answer ARP requests until they have finished booting.
However, it is fully functional and can be used in production.
</para>
</refsect1>


<refsect1><title>AVAILABILITY</title>
<para>
<command/tftpd/ is part of the <filename/iputils/ package,
and the latest versions are available in source form at
<ulink url="http://www.skbuff.net/iputils/iputils-current.tar.bz2">
http://www.skbuff.net/iputils/iputils-current.tar.bz2</ulink>.
</para>
</refsect1>


<![IGNORE[
<refsect1><title>COPYING</title>
<para>
<literallayout>
This documentation is free software; you can redistribute
it and/or modify it under the terms of the GNU General Public
License Version 2.

This program is distributed in the hope that it will be
useful, but WITHOUT ANY WARRANTY; without even the implied
warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU General Public License for more details.

For more details see the file COPYING in the source
distribution of Linux kernel of version 2.4.
</literallayout>
</para>
</refsect1>
]]>



</refentry>