TFTPD(8) BSD System Manager's Manual TFTPD(8)NAMEtftpd — Internet Trivial File Transfer Protocol server
SYNOPSIStftpd [-cdClnow] [-F strftime-format] [-s directory] [-u user] [-U umask]
The tftpd utility is a server which supports the Internet Trivial File
Transfer Protocol (RFC 1350). The TFTP server operates at the port indi‐
cated in the ‘tftp’ service description; see services(5). The server is
normally started by inetd(8).
The use of tftp(1) does not require an account or password on the remote
system. Due to the lack of authentication information, tftpd will allow
only publicly readable files to be accessed. Files containing the string
“/../” or starting with “../” are not allowed. Files may be written only
if they already exist and are publicly writable. Note that this extends
the concept of “public” to include all users on all hosts that can be
reached through the network; this may not be appropriate on all systems,
and its implications should be considered before enabling tftp service.
The server should have the user ID with the lowest possible privilege.
Access to files may be restricted by invoking tftpd with a list of direc‐
tories by including up to 20 pathnames as server program arguments in
inetd.conf(5). In this case access is restricted to files whose names
are prefixed by the one of the given directories. The given directories
are also treated as a search path for relative filename requests.
The -s option provides additional security by changing the root directory
of tftpd, thereby prohibiting accesses to outside of the specified
directory. Because chroot(2) requires super-user privileges, tftpd must
be run as root. However, after performing the chroot(2) call, tftpd will
set its user ID to that of the specified user, or “nobody” if no -u
option is specified.
The options are:
-c Changes the default root directory of a connecting host via
chroot(2) based on the connecting IP address. This prevents mul‐
tiple clients from writing to the same file at the same time. If
the directory does not exist, the client connection is refused.
The -s option is required for -c and the specified directory is
used as a base.
-C Operates the same as -c except it falls back to directory speci‐
fied via -s if a directory does not exist for the client's IP.
-F Use this strftime(3) compatible format string for the creation of
the suffix if -W is specified. By default the string "%Y%m%d" is
-d Enables debug output. If specified twice, it will log DATA and
ACK packets too.
-l Log all requests using syslog(3) with the facility of LOG_FTP.
Note: Logging of LOG_FTP messages must also be enabled in the
syslog configuration file, syslog.conf(5).
-n Suppress negative acknowledgement of requests for nonexistent
-o Disable support for RFC2347 style TFTP Options.
Cause tftpd to change its root directory to directory. After
doing that but before accepting commands, tftpd will switch cre‐
dentials to an unprivileged user.
Switch credentials to user (default “nobody”) when the -s option
is used. The user must be specified by name, not a numeric UID.
Set the umask for newly created files. The default is 022
(S_IWGRP | S_IWOTH).
-w Allow write requests to create new files. By default tftpd
requires that the file specified in a write request exist. Note
that this only works in directories writable by the user speci‐
fied with -u option
-W As -w but append a YYYYMMDD.nn sequence number to the end of the
filename. Note that the string YYYYMMDD can be changed with the
SEE ALSOtftp(1), chroot(2), syslog(3), inetd.conf(5), services(5),
K. R. Sollins, The TFTP Protocol (Revision 2), July 1992, RFC 1350, STD
The tftpd utility appeared in 4.2BSD; the -s option was introduced in
FreeBSD 2.2, the -u option was introduced in FreeBSD 4.2, the -c option
was introduced in FreeBSD 4.3, and the -F and -W options were introduced
in FreeBSD 7.4.
Support for Timeout Interval and Transfer Size Options (RFC2349) was
introduced in FreeBSD 5.0, support for the TFTP Blocksize Option
(RFC2348) and the blksize2 option was introduced in FreeBSD 7.4.
Files larger than 33488896 octets (65535 blocks) cannot be transferred
without client and server supporting blocksize negotiation (RFC2348).
Many tftp clients will not transfer files over 16744448 octets (32767
BSD September 14, 2000 BSD