Setting up a TFTP server in Linux is easy. In this case example, I am using Debian. We’re going to install HPA’s TFTP server.
Before installing anything, you should always check if there are existing packages installed. The example below uses aptitude to find out if packages have been installed and it looks like I have tftpd installed with the “i” indicator.
root@tftp-server:~# aptitude search tftpd
p atftpd - advanced TFTP server
p libnet-tftpd-perl - Perl extension for Trivial File Transfer Protocol Server
p tftpd - Trivial file transfer protocol server
i tftpd-hpa - HPA's tftp server
Another way is checking the /etc and /etc/default directory if there is anything related to TFTP. Next, check if you have a service related to tftp that is running. If you do, stop the service so you can uninstall it.
root@tftp-server:~# ps aux | grep tftp
root 4390 0.0 0.3 7832 884 pts/0 S+ 20:39 0:00 grep tftp
Tftpd did not work for me so I’m going to remove it.
root@tftp-server:~# aptitude remove tftpd
The following packages will be REMOVED:
libfile-copy-recursive-perl{u} openbsd-inetd{u} tftpd update-inetd{u}
0 packages upgraded, 0 newly installed, 4 to remove and 30 not upgraded.
Need to get 0 B of archives. After unpacking 302 kB will be freed.
Do you want to continue? [Y/n/?] Y
(Reading database ... 38720 files and directories currently installed.)
Removing tftpd ...
Removing openbsd-inetd ...
[ ok ] Stopping internet superserver: inetd.
Removing update-inetd ...
Removing libfile-copy-recursive-perl ...
Processing triggers for man-db ...
Let’s proceed with the install.
root@tftp-server:~# apt-get install tftpd-hpa
Reading package lists... Done
Building dependency tree
Reading state information... Done
Suggested packages:
pxelinux
The following NEW packages will be installed:
tftpd-hpa
0 upgraded, 1 newly installed, 0 to remove and 1 not upgraded.
Need to get 50.7 kB of archives.
After this operation, 145 kB of additional disk space will be used.
Get:1 http://ftp.us.debian.org/debian/ jessie/main tftpd-hpa amd64 5.2+20140608-3 [50.7 kB]
Fetched 50.7 kB in 0s (403 kB/s)
Preconfiguring packages ...
Selecting previously unselected package tftpd-hpa.
(Reading database ... 31430 files and directories currently installed.)
Preparing to unpack .../tftpd-hpa_5.2+20140608-3_amd64.deb ...
Unpacking tftpd-hpa (5.2+20140608-3) ...
Processing triggers for man-db (2.7.0.2-5) ...
Processing triggers for systemd (215-17+deb8u5) ...
Setting up tftpd-hpa (5.2+20140608-3) ...
Processing triggers for systemd (215-17+deb8u5) ...
root@tftp-server:~#
Check if the directory /srv/tftp is created. It should look like this:
root@tftp-server:~# ls -al /srv/
total 12
drwxr-xr-x 3 root root 4096 Nov 11 12:04 .
drwxr-xr-x 22 root root 4096 Nov 9 13:03 ..
drwxr-xr-x 2 root nogroup 4096 Nov 11 12:04 tftp
root@tftp-server:~#
If /srv/tftp directory does not exist or if it does but not does not have the right permissions, you can follow these steps
If /srv/tftp does not exist, create the TFTP root directory for your TFTP server
root@tftp-server:~# cd /srv
root@tftp-server:~# mkdir tftp
Adjust the permissions for the new directory. Open it for everyone.
root@tftp-server:~# chmod 777 /srv/tftpI’m logged in as root when I created the directory or when I installed the package. This makes the owner root by default. Change the owner of the directory to nobody.
root@tftp-server:/srv# chown nobody:nogroup tftp
root@tftp-server:/srv# ls -al
total 12
drwxr-xr-x 3 root root 4096 Nov 11 12:04 .
drwxr-xr-x 22 root root 4096 Nov 9 13:03 ..
drwxrwxrwx 2 nobody nogroup 4096 Nov 11 12:28 tftp
Verify if the TFTP service is running.
root@tftp-server:~# ps aux | grep tftp
root 5847 0.0 0.0 14860 148 ? Ss 20:39 0:00 /usr/sbin/in.tftpd --listen --user tftp --address 0.0.0.0:69 --secure /var/lib/tftpboot
root 5877 0.0 0.3 7832 880 pts/0 S+ 20:41 0:00 grep tftp
root@tftp-server:/etc/default# service tftpd-hpa
Usage: /etc/init.d/tftpd-hpa {start|stop|restart|force-reload|status}
root@tftp-server:~t# service tftpd-hpa status
[ ok ] in.tftpd is running.
The installation of tftpd-hpa created a configuration file located in /etc/default.
To allow upload of new files to the tftp-server, adjust the configuration file /etc/default/tftpd-hpa. Basically, insert -c into TFTP_OPTIONS and set the TFTP_DIRECTORY to point to the directory you created earlier. The configuration should look more like:
# /etc/default/tftpd-hpa
TFTP_USERNAME="tftp"
TFTP_DIRECTORY="/srv/tftp"
TFTP_ADDRESS="0.0.0.0:69"
TFTP_OPTIONS="--secure -c"
Restarting is done with service tftpd-hpa restart.
root@tftp-server:~# service tftpd-hpa restart
[ ok ] Restarting HPA's tftpd: in.tftpd.
Check the status again
root@tftp-server:/etc/default# service tftpd-hpa status
● tftpd-hpa.service - LSB: HPA's tftp server
Loaded: loaded (/etc/init.d/tftpd-hpa)
Active: active (running) since Fri 2016-11-11 12:14:57 CST; 28s ago
Process: 3466 ExecStop=/etc/init.d/tftpd-hpa stop (code=exited, status=0/SUCCESS)
Process: 3471 ExecStart=/etc/init.d/tftpd-hpa start (code=exited, status=0/SUCCESS)
CGroup: /system.slice/tftpd-hpa.service
└─3477 /usr/sbin/in.tftpd --listen --user tftp --address 0.0.0.0:69 --secure -c /srv/tftp
Nov 11 12:14:57 tftp-server tftpd-hpa[3471]: Starting HPA's tftpd: in.tftpd.
Nov 11 12:14:57 tftp-server systemd[1]: Started LSB: HPA's tftp server.
root@tftp-server:/etc/default#
Most of your questions can be answered by checking the manual
root@tftpd-server:~# man tftpdIf you are using iptables for your firewall, you will need to add support for TFTP. Following is a simple example
IPTABLES=/sbin/iptables
#Load the modules that support TFTP
modprobe ip_conntrack_tftp
modprobe ip_conntrack_ftp
#Allow TFTP requests from 192.168.1.0/24 network
$IPTABLES -A INPUT -s 192.168.1.0/24 -m tcp -p tcp --dport 69 -j ACCEPT
$IPTABLES -A INPUT -s 192.168.1.0/24 -m tcp -p udp --dport 69 -j ACCEPT
Try testing by creating a test.txt file and see if you can download that from your Cisco router and upload its IOS image, for example.