How to configure a TFTP server in Linux

TFTP (Trivial File Transfer Protocol) was first described in 1980. It is a rather old protocol published in June 1981 as TFTP protocol revision 2 in RFC 783 (Request For Comments) by Karen R. Sollins.

In the beginning, the main purpose of TFTP was to send and receive files over a network. In particular, it was used to transfer files needed for booting to allow systems to boot over a network.

USE VIDEO OF THE DAY

Here’s how to set up a TFTP server on a Linux machine.

What is TFTP?

TFTP is still used for file transfer purposes and there is no fundamental change in the features it supports. TFTP is used to download and send files over UDP/IP. It does not have additional functions such as identity and authorization checking, file listing, deletion or renaming, which are usually found in other file transfer protocols.

Unlike advanced file transfer protocols which use TCP in the transmission layer, it works on UDP protocol and does not have features such as checking whether or not packets belonging to the file are going to the other side. Due to this limitation, it is more suitable for use in local area networks rather than over the Internet or wide area networks.


Despite all of these seemingly negative characteristics listed above, one aspect of the TFTP protocol that is very strong is its simplicity. Implementing the protocol is quite easy compared to its alternatives, even for environments that don’t have an operating system on them. Due to this feature, it has a wide area of ​​use in embedded systems.

Install a TFTP server on Linux

When working with embedded devices, it is important that the TFTP server service is installed. On Linux systems, multiple TFTP server implementations may be running. If you are using a Debian-based distribution, you can install the tftpd-hpa, tftpdWhere atftpd packages. If you are unsure which one to choose, consider installing the tftpd-hpa package.

sudo apt-get install tftpd-hpa

After installation, the TFTP service will start listening on UDP port 69. To serve files to other systems via the TFTP server, you need to keep a few prerequisites in mind:

  • Copy the required file to the TFTP base directory or to a directory below that base directory
  • Make File Permissions Publicly Visible

To know what is the home directory of the TFTP server, you can consult the TFTP_DIRECTORY variables in the /etc/default/tftpd-hpa case. Usually you will see directories like /var/lib/tftpboot Where /srv/tftp. If you wish, you can change this directory and restart the service.

cat /etc/default/tftpd-hpa

For ease of use, if you change the owner of the appropriate TFTP home directory to your user account, you won’t need to add the sudo prefix to every command you run. Use the chown command to change ownership from root to the current user:

sudo chown -R $USER /srv/tftp

TFTP server package names and default base directories may differ depending on the Linux distribution used.

Sending Files with TFTP Server

Sometimes there are situations where TFTP is the only option to move a file from your embedded Linux system to the external environment. For example, sometimes the system may not support any writable media using which you can transfer the file.


In such cases, since the TFTP client will likely be compiled in busy boxyou can send a file saved in the system to a TFTP server on a network.

To use the TFTP client application, issue the TFTP busy ordered:

busybox tftp                                                                                

To send a sample file to the TFTP server, you would use a command like this:

busybox tftp -l example.bin -p 192.168.1.100

Although the above command is correct, you will get an error while transferring the file to your TFTP server. Since the returned error message is not self-explanatory, it’s hard to figure out what the real problem is.

The problem here is due to some security procedures on the TFTP server. TFTP requires that a file with the same name be in the directory where the file will be written to as a prerequisite for a file upload and that write access for that file be available to everyone.

In other words, it is not possible to download a file that does not exist on the TFTP server via TFTP clients. If you create an empty file with the same name and change its access rights, the above upload process will succeed. To do this, you must execute the following commands in the home directory of the TFTP server concerned:

cd /srv/tftp 
touch example.bin
chmod 666 example.bin

You can now complete your download successfully.

It is also possible to disable the security measure above and cause the TFTP server to create a file that does not exist. For this you can use the -vs Where –create parameter at the start of the tftpd-hpa application. Just add this parameter to the existing TFTPD_OPTIONS variables in the /etc/default/tftpd-hpa case:


TFTP_USERNAME="tftp"
TFTP_DIRECTORY="/srv/tftp"
TFTP_ADDRESS="0.0.0.0:69"
TFTP_OPTIONS="--secure --create"

Why use a TFTP server for file transfer?

The most important advantage of TFTP is that it is fast and helps you save time. It is an ideal option for transferring configuration files from network devices to other systems. In addition, it has very simple criteria for use. It works comfortably with software on both Windows and Linux operating systems. Finally, TFTP is always there to save the day in situations where you technically cannot use FTP.

The biggest downside is, of course, that it’s not safe. Therefore, you must be very careful when transferring files using a TFTP server.

Other than file transfers, you cannot perform functions such as deleting, editing, and modifying files using a TFTP server. This feature is a major drawback for those using or looking for advanced systems. Lastly, it doesn’t require authentication, which is a major downside if you’re serious about your security.


Configuring TFTP on Other Operating Systems

If you plan to use TFTP on Windows, you don’t need to install any third-party software. You can enable TFTP with the Turn Windows features on or off option in Control Panel.

Comments are closed.