tftpd man page on Gentoo

Man page or keyword search:  
man Server   6889 pages
apropos Keyword Search (all sections)
Output format
Gentoo logo
[printable version]

TFTPD(8)	       System Manager's Manual: iputils		      TFTPD(8)

NAME
       tftpd - Trivial File Transfer Protocol server

SYNOPSIS
       tftpd directory

DESCRIPTION
       tftpd is a server which supports the DARPA Trivial File Transfer Proto‐
       col (RFC1350).  The TFTP server is started by inetd(8).

       directory is required argument; if it is not given tftpd	 aborts.  This
       path  is prepended to any file name requested via TFTP protocol, effec‐
       tively chrooting tftpd to this directory.  File names are validated not
       to  escape  out	of this directory, however administrator may configure
       such escape using symbolic links.

       It is in difference of variants of tftpd usually distributed with unix-
       like  systems, which take a list of directories and match file names to
       start from one of given prefixes or to some  random  default,  when  no
       arguments  were given. There are two reasons not to behave in this way:
       first, it is inconvenient, clients are not expected to  know  something
       about  layout  of filesystem on server host.  And second, TFTP protocol
       is not a tool for browsing of server's filesystem, it is just an	 agent
       allowing to boot dumb clients.

       In the case when tftpd is used together with rarpd(8), tftp directories
       in these services should coincide and it is expected that  each	client
       booted  via  TFTP  has  boot image corresponding its IP address with an
       architecture  suffix  following	Sun  Microsystems   conventions.   See
       rarpd(8) for more details.

SECURITY
       TFTP protocol does not provide any authentication.  Due to this capital
       flaw tftpd is not able to restrict access to files and will allow  only
       publically  readable files to be accessed. Files may be written only if
       they already exist and are publically writable.

       Impact is evident, directory exported via TFTP must not contain	sensi‐
       tive information of any kind, everyone is allowed to read it as soon as
       a client is allowed. Boot images do not	contain	 such  information  as
       rule,  however  you should think twice before publishing f.e. Cisco IOS
       config files via TFTP, they contain unencrypted passwords and may  con‐
       tain  some  information	about the network, which you were not going to
       make public.

       The tftpd server should be executed by inetd with dropped  root	privi‐
       leges,  namely  with a user ID giving minimal access to files published
       in tftp directory. If it is executed as superuser  occasionally,	 tftpd
       drops  its  UID	and  GID  to 65534, which is most likely not the thing
       which you expect.  However, this is not very essential; remember,  only
       files accessible for everyone can be read or written via TFTP.

SEE ALSO
       rarpd(8), tftp(1), inetd(8).

HISTORY
       The  tftpd command appeared in 4.2BSD. The source in iputils is cleaned
       up both syntactically (ANSIized) and semantically (UDP socket IO).

       It is distributed with iputils mostly as good demo  of  an  interesting
       feature	(MSG_CONFIRM) allowing to boot long images by dumb clients not
       answering ARP requests until they are finally booted.  However, this is
       full functional and can be used in production.

AVAILABILITY
       tftpd is part of iputils package and the latest versions are  available
       in   source    form    at    http://www.skbuff.net/iputils/iputils-cur‐
       rent.tar.bz2.

iputils-121221			24 January 2013			      TFTPD(8)
[top]

List of man pages available for Gentoo

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net