The Trivial File Transfer Protocol (TFTP) is used to transfer files across a network. Unlike FTP, TFTP doesn’t include authentication. Anyone who can access the TFTP server can upload or download files from it.
TFTP is an inflexible protocol. It doesn’t work through network address translation without a proxy or some kind of intelligence within the translation device, and there’s no interactive session as there is with FTP and SFTP. TFTP is most commonly used to copy configuration files and operating system images for embedded devices such as routers.
OpenBSD uses TFTP to bootstrap diskless systems, as discussed in Chapter 23.
OpenBSD’s tftpd(8) serves files from a directory, much like a web server. Traditionally, this directory is /tftpboot, but don’t follow tradition in this case (you don’t want a TFTP user filling your server’s root partition!). If you use /tftpboot on your root partition, make sure that your TFTP clients can’t write to the directory. (You could create a /tftpboot partition.) Normally, I create /var/tftpboot and tell tftpd to use that as its root directory. If your fingers are used to typing /tftpboot, create a symlink.
To enable tftpd, set tftpd_flags in rc.conf.local to the TFTP root directory.
tftpd_flags="/var/tftpboot"
tftpd chroots to the directory you specify, so tftpd cannot access files outside this directory.
TFTP uses file permissions as an access control method. Because all files on the TFTP server can be read by anyone who can access the server port, TFTP will let clients read files in its root directory only if they are world-readable. To make them world-readable, do this:
# chmod +r /var/tftpboot/filename
Similarly, tftpd will not allow anyone to upload a file unless a file of that name already exists and is world-writable. This means that anyone who knows a file’s name can overwrite it, so make vital files read-only. If an attacker can’t write files, he can’t fill your hard drive.
To create files via TFTP, so that you can upload files that don’t already exist, run tftpd with the -c option.
tftpd starts as root in order to bind UDP port 69, but it then drops privileges and runs as the unprivileged user _tftpd. Any files tftpd creates will be owned by its user. As a general rule, the files in the TFTP root directory should not be owned by _tftpd, in order to make sure that the server cannot affect the files it serves.
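The permission rules above (world-readable to be served, world-writable to be overwritable, and not owned by _tftpd) are easy to get wrong by hand. The following helpers are an added example, not code from the book or from OpenBSD; the function names and the demo tree are hypothetical, and only POSIX sh, find(1) and chmod(1) are assumed.

```sh
#!/bin/sh
# Helpers for keeping a TFTP root directory in line with what tftpd enforces.
# Hypothetical names; not part of OpenBSD.

# Make a file servable: world-readable (tftpd refuses to serve it otherwise)
# and not world-writable, so no client can overwrite it.
tftp_publish() {
    chmod a+r,o-w "$1"
}

# Prepare an upload slot.  Without -c, tftpd only writes to a file that
# already exists and is world-writable, so create an empty placeholder.
tftp_upload_slot() {
    : > "$1"
    chmod a+rw "$1"
}

# Audit DIR.  Prints one "TAG path" line per finding:
#   UNREADABLE  not world-readable, tftpd will not serve it
#   WRITABLE    world-writable, any client that knows the name can overwrite it
#   OWNED       owned by the account tftpd runs as (default _tftpd)
# OWNER may be a user name or a numeric uid.
tftp_audit() {
    dir=$1
    owner=${2:-_tftpd}
    find "$dir" -type f ! -perm -0004 -exec printf 'UNREADABLE %s\n' {} +
    find "$dir" -type f -perm -0002 -exec printf 'WRITABLE %s\n' {} +
    # find(1) complains if the account does not exist on this host; then no
    # file can be owned by it, so the error is silenced and ignored.
    find "$dir" -type f -user "$owner" -exec printf 'OWNED %s\n' {} + 2>/dev/null || true
}

# Constructed demo tree (not a real TFTP root): a boot image published
# read-only, a config left world-writable, and an image with no read bit.
# The audit is run against the current uid so every file shows up as OWNED.
tftp_demo() {
    root=${1:-/tmp/tftpboot-demo}
    mkdir -p "$root"
    : > "$root/bsd.rd";       tftp_publish "$root/bsd.rd"
    : > "$root/router.cfg";   chmod 666 "$root/router.cfg"
    : > "$root/staging.img";  chmod 600 "$root/staging.img"
    tftp_audit "$root" "$(id -u)" | sort
}
```

Run tftp_audit against your real root with the default owner before enabling the daemon; anything tagged WRITABLE that is not an intentional upload slot should be fixed with tftp_publish.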
You should log your TFTP transfers. Use the -v flag to send the transaction log to syslogd.
tftpd_flags="-v /var/tftpboot"
tftpd uses the FTP facility to log messages to /var/log/daemon.
Use tftp(1) to test your TFTP server.
$ tftp caddis
tftp> get testboot.iso
Received 20879569 bytes in 10.4 seconds
You won’t see any friendly hash marks as you download the file, and you can’t change to another directory or list the contents of the TFTP server. Once the test is complete, use quit to end your TFTP session.
After you have a TFTP client and server set up, you’ll be ready to serve diskless OpenBSD machines, router operating system images, or anything else you need.