1TFTPD(8) System Manager's Manual TFTPD(8)
2
3
4
6 tftpd - Trivial File Transfer Protocol server
7
9 in.tftpd [options...] directory...
10
12 tftpd is a server for the Trivial File Transfer Protocol. The TFTP
13 protocol is extensively used to support remote booting of diskless
14 devices. The server is normally started by inetd, but can also run
15 standalone.
16
18 --ipv4, -4
19 Connect with IPv4 only, even if IPv6 support was compiled in.
20
21 --ipv6, -6
22 Connect with IPv6 only, if compiled in.
23
24 -l, --listen
25 Run the server in standalone (listen) mode, rather than run from
26 inetd. In listen mode, the --timeout option is ignored, and the
27 --address option can be used to specify a specific local address
28 or port to listen to.
29
30 --foreground, -L
31 Similar to --listen but do not detach from the foreground
32 process. Implies --listen.
33
34 --address [address][:port], -a [address][:port]
35 Specify a specific address and port to listen to when called
36 with the --listen or --foreground option. The default is to
37 listen to the tftp port specified in /etc/services on all local
38 addresses.
39
40 Please note: Numeric IPv6 adresses must be enclosed in square
41 brackets to avoid ambiguity with the optional port information.
42
43 --create, -c
44 Allow new files to be created. By default, tftpd will only
45 allow upload of files that already exist. Files are created
46 with default permissions allowing anyone to read or write them,
47 unless the --permissive or --umask options are specified.
48
49 --secure, -s
50 Change root directory on startup. This means the remote host
51 does not need to pass along the directory as part of the trans‐
52 fer, and may add security. When --secure is specified, exactly
53 one directory should be specified on the command line. The use
54 of this option is recommended for security as well as compati‐
55 bility with some boot ROMs which cannot be easily made to
56 include a directory name in its request.
57
58 --user username, -u username
59 Specify the username which tftpd will run as; the default is
60 "nobody". The user ID, group ID, and (if possible on the plat‐
61 form) the supplementary group IDs will be set to the ones speci‐
62 fied in the system permission database for this username.
63
64 --umask umask, -U umask
65 Sets the umask for newly created files to the specified value.
66 The default is zero (anyone can read or write) if the --permis‐
67 sive option is not specified, or inherited from the invoking
68 process if --permissive is specified.
69
70 --permissive, -p
71 Perform no additional permissions checks above the normal sys‐
72 tem-provided access controls for the user specified via the
73 --user option.
74
75 --pidfile pidfile, -P pidfile
76 When run in standalone mode, write the process ID of the listen‐
77 ing server into pidfile. On normal termination (SIGTERM or SIG‐
78 INT) the pid file is automatically removed.
79
80 --timeout timeout, -t timeout
81 When run from inetd this specifies how long, in seconds, to wait
82 for a second connection before terminating the server. inetd
83 will then respawn the server when another request comes in. The
84 default is 900 (15 minutes.)
85
86 --retransmit timeout, -T timeout
87 Determine the default timeout, in microseconds, before the first
88 packet is retransmitted. This can be modified by the client if
89 the timeout or utimeout option is negotiated. The default is
90 1000000 (1 second.)
91
92 --map-file remap-file, -m remap-file
93 Specify the use of filename remapping. The remap-file is a file
94 containing the remapping rules. See the section on filename
95 remapping below. This option may not be compiled in, see the
96 output of in.tftpd -V to verify whether or not it is available.
97
98 --verbose, -v
99 Increase the logging verbosity of tftpd. This flag can be spec‐
100 ified multiple times for even higher verbosity.
101
102 --verbosity value
103 Set the verbosity value to value.
104
105 --refuse tftp-option, -r tftp-option
106 Indicate that a specific RFC 2347 TFTP option should never be
107 accepted.
108
109 --blocksize max-block-size, -B max-block-size
110 Specifies the maximum permitted block size. The permitted range
111 for this parameter is from 512 to 65464. Some embedded clients
112 request large block sizes and yet do not handle fragmented pack‐
113 ets correctly; for these clients, it is recommended to set this
114 value to the smallest MTU on your network minus 32 bytes (20
115 bytes for IP, 8 for UDP, and 4 for TFTP; less if you use IP
116 options on your network.) For example, on a standard Ethernet
117 (MTU 1500) a value of 1468 is reasonable.
118
119 --port-range port:port, -R port:port
120 Force the server port number (the Transaction ID) to be in the
121 specified range of port numbers.
122
123 --version, -V
124 Print the version number and configuration to standard output,
125 then exit gracefully.
126
128 This version of tftpd supports RFC 2347 option negotation. Currently
129 implemented options are:
130
131 blksize (RFC 2348)
132 Set the transfer block size to anything less than or equal to
133 the specified option. This version of tftpd can support any
134 block size up to the theoretical maximum of 65464 bytes.
135
136 blksize2 (nonstandard)
137 Set the transfer block size to anything less than or equal to
138 the specified option, but restrict the possible responses to
139 powers of 2. The maximum is 32768 bytes (the largest power of 2
140 less than or equal to 65464.)
141
142 tsize (RFC 2349)
143 Report the size of the file that is about to be transferred.
144 This version of tftpd only supports the tsize option for binary
145 (octet) mode transfers.
146
147 timeout (RFC 2349)
148 Set the time before the server retransmits a packet, in seconds.
149
150 utimeout (nonstandard)
151 Set the time before the server retransmits a packet, in
152 microseconds.
153
154 rollover (nonstandard)
155 Set the block number to resume at after a block number rollover.
156 The default and recommended value is zero.
157
158 The --refuse option can be used to disable specific options; this may
159 be necessary to work around bugs in specific TFTP client implementa‐
160 tions. For example, some TFTP clients have been found to request the
161 blksize option, but crash with an error if they actually get the option
162 accepted by the server.
163
165 The --mapfile option specifies a file which contains filename remapping
166 rules. Each non-comment line (comments begin with hash marks, #) con‐
167 tains an operation, specified below; a regex, a regular expression in
168 the style of egrep; and optionally a replacement pattern. The opera‐
169 tion indicated by operation is performed if the regex matches all or
170 part of the filename. Rules are processed from the top down, and by
171 default, all rules are processed even if there is a match.
172
173 The operation can be any combination of the following letters:
174
175 r Replace the substring matched by regex by the replacement pat‐
176 tern. The replacement pattern may contain escape sequences; see
177 below.
178
179 g Repeat this rule until it no longer matches. This is always
180 used with r.
181
182 i Match the regex case-insensitively. By default it is case sen‐
183 sitive.
184
185 e If this rule matches, end rule processing after executing the
186 rule.
187
188 s If this rule matches, start rule processing over from the very
189 first rule after executing this rule.
190
191 a If this rule matches, refuse the request and send an access
192 denied error to the client.
193
194 G This rule applies to GET (RRQ) requests only.
195
196 P This rule applies to PUT (WRQ) requests only.
197
198 ~ Inverse the sense of this rule, i.e. execute the operation only
199 if the regex doesn't match. Cannot used together with r.
200
201 The following escape sequences are recognized as part of the replace‐
202 ment pattern:
203
204 \0 The entire string matched by the regex.
205
206 \1 to \9
207 The strings matched by each of the first nine parenthesized sub‐
208 expressions, \( ... \), of the regex pattern.
209
210 \i The IP address of the requesting host, in dotted-quad notation
211 (e.g. 192.0.2.169).
212
213 \x The IP address of the requesting host, in hexadecimal notation
214 (e.g. C00002A9).
215
216 \\ Literal backslash.
217
218 \whitespace
219 Literal whitespace.
220
221 \# Literal hash mark.
222
223 \U Turns all subsequent letters to upper case.
224
225 \L Turns all subsequent letters to lower case.
226
227 \E Cancels the effect of \U or \L.
228
229 If the mapping file is changed, you need to send SIGHUP to any out‐
230 standing tftpd process.
231
233 The use of TFTP services does not require an account or password on the
234 server system. Due to the lack of authentication information, tftpd
235 will allow only publicly readable files (o+r) to be accessed, unless
236 the --permissive option is specified. Files may be written only if
237 they already exist and are publicly writable, unless the --create
238 option is specified. Note that this extends the concept of ``public''
239 to include all users on all hosts that can be reached through the net‐
240 work; this may not be appropriate on all systems, and its implications
241 should be considered before enabling TFTP service. Typically, some
242 kind of firewall or packet-filter solution should be employed. If
243 appropriately compiled (see the output of in.tftpd --version) tftpd
244 will query the hosts_access(5) database for access control information.
245 This may be slow; sites requiring maximum performance may want to com‐
246 pile without this option and rely on firewalling or kernel-based packet
247 filters instead.
248
249 The server should be set to run as the user with the lowest possible
250 privilege; please see the --user flag. It is probably a good idea to
251 set up a specific user account for tftpd, rather than letting it run as
252 "nobody", to guard against privilege leaks between applications.
253
254 Access to files can, and should, be restricted by invoking tftpd with a
255 list of directories by including pathnames as server program arguments
256 on the command line. In this case access is restricted to files whole
257 names are prefixed by one of the given directories. If possible, it is
258 recommended that the --secure flag is used to set up a chroot() envi‐
259 ronment for the server to run in once a connection has been set up.
260
261 Finally, the filename remapping (--mapfile flag) support can be used to
262 provide a limited amount of additional access control.
263
265 RFC 1123, Requirements for Internet Hosts - Application and Support.
266 RFC 1350, The TFTP Protocol (revision 2).
267 RFC 2347, TFTP Option Extension.
268 RFC 2348, TFTP Blocksize Option.
269 RFC 2349, TFTP Timeout Interval and Transfer Size Options.
270
272 This version of tftpd is maintained by H. Peter Anvin <hpa@zytor.com>.
273 It was derived from, but has substantially diverged from, an OpenBSD
274 source base, with added patches by Markus Gutschke and Gero Kulhman.
275
277 tftp(1), egrep(1), umask(2), hosts_access(5), regex(7), inetd(8).
278
279
280
281tftp-hpa 5.2 14 September 2009 TFTPD(8)