User Tools

Site Tools


tech:server:tftp:tftp

TFTP

Trivial File Transfer Protocol.

This section assume Ubuntu Server 18.04 LTS.

Installation

sudo apt install -y tftpd-hpa
sudo systemctl enable tftpd-hpa
sudo systemctl restart tftpd-hpa
wnoguchi@shizuku:~$ systemctl status tftpd-hpa
● tftpd-hpa.service - LSB: HPA's tftp server
   Loaded: loaded (/etc/init.d/tftpd-hpa; generated)
   Active: active (running) since Thu 2019-11-14 12:16:06 UTC; 15s ago
     Docs: man:systemd-sysv-generator(8)
    Tasks: 1 (limit: 1109)
   CGroup: /system.slice/tftpd-hpa.service
           └─3093 /usr/sbin/in.tftpd --listen --user tftp --address :69 --secure /var/lib/tftpboot

Nov 14 12:16:06 shizuku systemd[1]: Starting LSB: HPA's tftp server...
Nov 14 12:16:06 shizuku tftpd-hpa[3073]:  * Starting HPA's tftpd in.tftpd
Nov 14 12:16:06 shizuku tftpd-hpa[3073]:    ...done.
Nov 14 12:16:06 shizuku systemd[1]: Started LSB: HPA's tftp server.

and do not forget add firewalld rule.

sudo ufw allow 69/tcp

Configuration

to create new file -c option. default behavior file not exist error.

/etc/default/tftpd-hpa
# /etc/default/tftpd-hpa
 
TFTP_USERNAME="tftp"
TFTP_DIRECTORY="/var/lib/tftpboot"
TFTP_ADDRESS=":69"
TFTP_OPTIONS="-c --secure"

and make sure tftpd-hpa execute user or group have write permission.

by default, /var/lib/tftpboot/ ownership is root:tftp.

wnoguchi@shizuku:~$ systemctl status tftpd-hpa
● tftpd-hpa.service - LSB: HPA's tftp server
   Loaded: loaded (/etc/init.d/tftpd-hpa; generated)
   Active: active (running) since Thu 2019-11-14 22:15:46 UTC; 2 days ago
     Docs: man:systemd-sysv-generator(8)
  Process: 3637 ExecStop=/etc/init.d/tftpd-hpa stop (code=exited, status=0/SUCCESS)
  Process: 3642 ExecStart=/etc/init.d/tftpd-hpa start (code=exited, status=0/SUCCESS)
    Tasks: 1 (limit: 1109)
   CGroup: /system.slice/tftpd-hpa.service
           └─3650 /usr/sbin/in.tftpd --listen --user tftp --address :69 -c --secure /var/lib/tftpboot

Nov 14 22:15:46 shizuku systemd[1]: Starting LSB: HPA's tftp server...
Nov 14 22:15:46 shizuku tftpd-hpa[3642]:  * Starting HPA's tftpd in.tftpd
Nov 14 22:15:46 shizuku tftpd-hpa[3642]:    ...done.
Nov 14 22:15:46 shizuku systemd[1]: Started LSB: HPA's tftp server.
wnoguchi@shizuku:~$ ls -ld /var/lib/tftpboot/
drwxr-xr-x 2 root nogroup 4096 Nov 14 12:16 /var/lib/tftpboot/

If you do not that, you get Permission deinied error.

root@shizuku:/var/lib/tftpboot# tcpdump -nXi ens160 host 10.0.128.1
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ens160, link-type EN10MB (Ethernet), capture size 262144 bytes
22:32:14.230974 IP 10.0.128.1.50004 > 10.0.128.254.69:  15 WRQ "R1.txt" octet
        0x0000:  4500 002b 0000 0000 ff11 a6c2 0a00 8001  E..+............
        0x0010:  0a00 80fe c354 0045 0017 64b3 0002 5231  .....T.E..d...R1
        0x0020:  2e74 7874 006f 6374 6574 0000 0000       .txt.octet....
22:32:14.232295 IP 10.0.128.254.43453 > 10.0.128.1.50004: UDP, length 22
        0x0000:  4500 0032 10b3 0000 4011 5509 0a00 80fe  E..2....@.U.....
        0x0010:  0a00 8001 a9bd c354 001e 152f 0005 0000  .......T.../....
        0x0020:  5065 726d 6973 7369 6f6e 2064 656e 6965  Permission.denie
        0x0030:  6400                                     d.
sudo chown tftp:tftp /var/lib/tftpboot/
wnoguchi@shizuku:~$ ls -ld /var/lib/tftpboot/
drwxr-xr-x 2 tftp tftp 4096 Nov 17 00:06 /var/lib/tftpboot/
sudo systemctl restart tftpd-hpa

another usage

man tftp-hpa

References

tech/server/tftp/tftp.txt · Last modified: 2019/11/17 09:18 by wnoguchi