tftpd(1M)tftpd(1M)NAMEtftpd - trivial file transfer protocol server
SYNOPSIS
retran-seconds] -S -i] total-seconds] port] port] [path ...]
DESCRIPTION
is a server that supports the Internet Trivial File Transfer Protocol
(RFC783). The TFTP server operates at the port indicated in the ser‐
vice description (see services(4)). The server is normally started by
using the file (see inetd(1M) and inetd.conf(4)).
Options
supports the following options:
This option writes the debugging information into the syslog
file.
This option specifies the per-packet retransmission timeout, in
seconds.
The default value is 5 seconds.
This option disables the client side options:
and individually. By default, these options are
enabled. For example, to disable timeout negotiation
between a client and the server, start the server with
the following command:
This option enables
to work in the Service Guard environment. This option
is required for some clients. These clients reject
the reply received from a different IP address than
the one requested when the server's interface is con‐
figured with an alias IP address.
Usage of '-s' option in is strongly NOT recommended,
otherwise server drops the first packet sent by client
in Service Guard environment. This option should be
used along with '-S'(standalone mode) option in a
newly created configuration file to avoid first packet
loss.
For running as standalone in Service Guard environ‐
ment, a newly defined macro should be set to '1' in
file and use the start-up script to manually start or
stop OR reboot the machine with appropriate setting (0
or 1) of flag in the configuration file
This is an example for manually starting or stopping
of tftpd in standalone mode:
This option enables
to be invoked in standalone mode. This option should
be used along with -s(Service Guard) option in config‐
uration file
Using this option in will be ignored by the
This option enables
to use IPv4 socket in Service Guard environment. By
default IPv6 is used. This option should be used
along with '-s' and '-S' in configuration file
This option specifies the total retransmission timeout, in sec‐
onds.
The default value is 25 seconds.
This option specifies the lower limit of the port range for data
transfer.
This option specifies the upper limit of the port range for data
transfer.
NOTE: The
tunables should be considered before defining the If
the option is defined without using the option, the
upper limit is set to 65535. If the option is defined
without using the option, the lower limit is set to
1024.
The path parameter has the following effects:
· operates in either of two modes or their combination. The first
mode requires a defined home directory for the pseudo-user and
looks for files relative to that path. The second mode requires
one or more paths be specified on the command line, and allows
access only to files whose paths match or begin with one of the
command line specifications. The first mode is backward-compati‐
ble with previous releases of HP-UX and supports somewhat tighter
security. The second mode is compatible with other vendors'
implementations of and allows greater flexibility in accessing
files.
· If no path is specified on the command line, requires an entry in
the database (see passwd(4)) for an account (pseudo-user) named
The password field should be the group membership should be and
the login shell should be For example (assuming the guest group
ID is 101):
uses a call to to change its root directory to be the same as the
home directory of the pseudo-user This restricts access by
clients to only those files found below the home directory (see
chroot(2)). Furthermore, clients can only read files in that
directory if they are readable by the pseudo-user and clients can
only write files in that directory if they exist and are writable
by the pseudo-user
· If any path is specified on the command line, does not require
that a pseudo-user named exist in The specified paths control
access to files by clients. Each path is treated as being rela‐
tive to (not the home directory), and can be either a directory
or a file. disallows a client access to any file that does not
match entirely or in its initial components one of the restric‐
tion paths. It also disallows access to any file path containing
However, an accessed file can be a symbolic link that points out‐
side the set of restricted paths.
· If any path is specified on the command line and the home direc‐
tory is defined and is not first looks for a file relative to
(under) the home directory. If the file is not found there, then
looks for the file relative to with path restrictions applied.
Thus if two files with the same name can be found in both loca‐
tions, accesses the one under home directory.
Note that allows continuation of command lines in by ending continued
lines with a backlash.
Defining the pseudo-user is strongly recommended even when paths are
specified, because client access is further restricted to files that
can be read and/or written by this pseudo-user. It is safe to set the
pseudo-user's home directory to in this case.
DIAGNOSTICS
The following diagnostics are logged to the facility at the log level
(see syslogd(1M)).
The pseudo-user
was not found in the password database and was invoked
without any path arguments.
Add or correct the entry for the pseudo-user in the pass‐
word database Or, add an access list (path arguments) to
the arguments in the configuration file Reconfigure with
the command
An invalid option was specified in the
arguments in the configuration file
Remove or correct the option. Restart with the command
The value given for the
option was not a number or was a negative number.
Correct the value given for the option. Reconfigure with
the command
The value given for the
option was not a number or was a negative number.
Correct the value given for the option. Reconfigure with
the command
The named
system call failed. See the corresponding manual entry
for a description of the system call. The reason for the
failure is explained in the error message appended to the
system call.
WARNINGS
When invoked with no path arguments, cannot follow symbolic links that
refer to paths outside of the home directory of the pseudo-user because
it performs a
AUTHOR
was developed by the University of California, Berkeley, and Hewlett-
Packard.
SEE ALSOtftp(1), inetd(1M), syslogd(1M), chroot(2), inetd.conf(4), passwd(4).
STANDARDS CONFORMANCE
RFC783, RFC2347, RFC2348, RFC2349.
tftpd(1M)