TFTPD(8) - System Manager's Manual

TFTPD(8) - System Manager’s Manual #

TFTPD(8) - System Manager’s Manual

NAME #

tftpd - Trivial File Transfer Protocol daemon

SYNOPSIS #

tftpd [-46cdivw] [-l address] [-p port] [-r socket] directory

DESCRIPTION #

tftpd is a server which implements the Trivial File Transfer Protocol.

The use of tftp(1) does not require an account or password on the remote system. Due to the lack of authentication information, tftpd will allow only publicly readable files to be accessed. By default files may only be read, unless the -w option is specified. Files may be written only if they already exist and are publicly writable, unless the -c flag is specified. Note that this extends the concept of “public” to include all users on all hosts that can be reached through the network; this may not be appropriate on all systems, and its implications should be considered before enabling TFTP service.

The server must be started as root, but will chroot to the directory specified on the command line and drop privileges to the _tftpd user.

tftpd always provides random data at the path /etc/random.seed, and therefore this path will be ignored inside the directory. OpenBSD network bootloaders access this path to harvest entropy during kernel load.

The options are as follows:

-4

Forces tftpd to use IPv4 addresses only.

-6

Forces tftpd to use IPv6 addresses only.

-c

Allow new files to be created; otherwise uploaded files must already exist. Files are created with default permissions allowing anyone to read or write to them.

This option implies -w.

-d

Do not daemonize. If this option is specified, tftpd will run in the foreground and log the client IP, type of request, and filename to stderr.

-i

Look up the requested path in the subdirectory named after the client’s IP address. For read requests, if the file is not found, tftpd falls back on the requested path. Note that no attempt is made to limit the client to its subdirectory. This option cannot be combined with -r.

-l address

Listen on the specified address. By default tftpd listens on wildcard addresses.

-p port

Listen on the specified port. By default tftpd listens on the port indicated in the ‘tftp’ service description; see services(5).

-r socket

Issue filename rewrite requests to the specified UNIX domain socket.
**tftpd**
will write lines in the format "IP OP filename", terminated by a newline,
where IP is the client's IP address, and OP is one of "read" or "write".
**tftpd**
expects replies in the format "filename" terminated by a newline.
All rewrite requests from the daemon must be answered
(even if it is with the original filename)
before the TFTP request will continue.
By default
**tftpd**
does not use filename rewriting.
This option cannot be combined with
**-i**.

-v

Log the client IP, type of request, and filename.

-w

Allow files to be written to.

directory

chroot(2)
to
*directory*
on startup;
the remote host is not expected to pass the directory
as part of the file name to transfer.

SEE ALSO #

tftp(1), pxeboot(8), syslogd(8), tftp-proxy(8)

STANDARDS #

K. Sollins, The TFTP Protocol (Revision 2), RFC 1350, July 1992.

G. Malkin, A. Harkin, TFTP Option Extension, RFC 2347, May 1998.

G. Malkin, A. Harkin, TFTP Blocksize Option, RFC 2348, May 1998.

G. Malkin, A. Harkin, TFTP Timeout Interval and Transfer Size Options, RFC 2349, March 1998.

HISTORY #

The tftpd command was originally a process run via inetd(8) and appeared in 4.2BSD. It was rewritten for OpenBSD 5.2 as a persistent non-blocking daemon.

BUGS #

Many TFTP clients will not transfer files over 16744448 octets (32767 blocks).

OpenBSD 7.5 - October 5, 2022