{"id":339,"date":"2014-10-16T02:26:01","date_gmt":"2014-10-16T02:26:01","guid":{"rendered":"http:\/\/eltonoverip.com\/blog\/?p=339"},"modified":"2016-11-11T18:35:18","modified_gmt":"2016-11-11T18:35:18","slug":"tftp-server-on-debian","status":"publish","type":"post","link":"https:\/\/eltonoverip.com\/blog\/2014\/10\/tftp-server-on-debian\/","title":{"rendered":"TFTP server on Debian"},"content":{"rendered":"

Setting up a TFTP server in Linux is easy. In this case example, I am using Debian. We’re going to install HPA’s TFTP server.<\/p>\n

Before installing anything, you should always check if there are existing packages installed. The example below uses aptitude to find out if packages have been installed and it looks like I have tftpd<\/code> installed with the “i” indicator. <\/p>\n

\r\n\r\nroot@tftp-server:~# aptitude search tftpd\r\np   atftpd                                                                      - advanced TFTP server\r\np   libnet-tftpd-perl                                                           - Perl extension for Trivial File Transfer Protocol Server\r\np   tftpd                                                                       - Trivial file transfer protocol server\r\ni   tftpd-hpa                                                                   - HPA's tftp server\r\n<\/code>\r\n<\/pre>\n
<\/p>\n
Another way is checking the \/etc<\/code> and \/etc\/default<\/code> directory if there is anything related to TFTP.  Next, check if you have a service related to tftp that is running.  If you do, stop the service so you can uninstall it.<\/p>\n
\r\n\r\nroot@tftp-server:~# ps aux | grep tftp\r\nroot 4390 0.0 0.3 7832 884 pts\/0 S+ 20:39 0:00 grep tftp\r\n<\/code>\r\n<\/pre>\n
<\/p>\n
Tftpd did not work for me so I’m going to remove it.<\/p>\n
\r\n\r\nroot@tftp-server:~# aptitude remove tftpd\r\nThe following packages will be REMOVED:\r\nlibfile-copy-recursive-perl{u} openbsd-inetd{u} tftpd update-inetd{u}\r\n0 packages upgraded, 0 newly installed, 4 to remove and 30 not upgraded.\r\nNeed to get 0 B of archives. After unpacking 302 kB will be freed.\r\nDo you want to continue? [Y\/n\/?] Y\r\n(Reading database ... 38720 files and directories currently installed.)\r\nRemoving tftpd ...\r\nRemoving openbsd-inetd ...\r\n[ ok ] Stopping internet superserver: inetd.\r\nRemoving update-inetd ...\r\nRemoving libfile-copy-recursive-perl ...\r\nProcessing triggers for man-db ...\r\n<\/code>\r\n<\/pre>\n
<\/p>\n
Let’s proceed with the install.<\/p>\n
\r\n\r\nroot@tftp-server:~# apt-get install tftpd-hpa\r\nReading package lists... Done\r\nBuilding dependency tree\r\nReading state information... Done\r\nSuggested packages:\r\n  pxelinux\r\nThe following NEW packages will be installed:\r\n  tftpd-hpa\r\n0 upgraded, 1 newly installed, 0 to remove and 1 not upgraded.\r\nNeed to get 50.7 kB of archives.\r\nAfter this operation, 145 kB of additional disk space will be used.\r\nGet:1 http:\/\/ftp.us.debian.org\/debian\/ jessie\/main tftpd-hpa amd64 5.2+20140608-3                                                                                        [50.7 kB]\r\nFetched 50.7 kB in 0s (403 kB\/s)\r\nPreconfiguring packages ...\r\nSelecting previously unselected package tftpd-hpa.\r\n(Reading database ... 31430 files and directories currently installed.)\r\nPreparing to unpack ...\/tftpd-hpa_5.2+20140608-3_amd64.deb ...\r\nUnpacking tftpd-hpa (5.2+20140608-3) ...\r\nProcessing triggers for man-db (2.7.0.2-5) ...\r\nProcessing triggers for systemd (215-17+deb8u5) ...\r\nSetting up tftpd-hpa (5.2+20140608-3) ...\r\nProcessing triggers for systemd (215-17+deb8u5) ...\r\nroot@tftp-server:~# \r\n<\/code>\r\n<\/pre>\n
<\/p>\n
Check if the directory \/srv\/tftp<\/code> is created.  It should look like this:<\/p>\n
\r\n\r\nroot@tftp-server:~# ls -al \/srv\/\r\ntotal 12\r\ndrwxr-xr-x  3 root root    4096 Nov 11 12:04 .\r\ndrwxr-xr-x 22 root root    4096 Nov  9 13:03 ..\r\ndrwxr-xr-x  2 root nogroup 4096 Nov 11 12:04 tftp\r\nroot@tftp-server:~#\r\n<\/code>\r\n<\/pre>\n
<\/p>\n
If \/srv\/tftp<\/code> directory does not exist or if it does but not does not have the right permissions, you can follow these steps
\n<\/p>\n
If \/srv\/tftp<\/code> does not exist, create the TFTP root directory for your TFTP server<\/p>\n
\r\n\r\nroot@tftp-server:~# cd \/srv\r\nroot@tftp-server:~# mkdir tftp\r\n<\/code>\r\n<\/pre>\n
<\/p>\n
Adjust the permissions for the new directory.  Open it for everyone.<\/p>\n
root@tftp-server:~# chmod 777 \/srv\/tftp<\/code><\/pre>\n
<\/p>\n
I’m logged in as root when I created the directory or when I installed the package.  This makes the owner root by default.  Change the owner of the directory to nobody<\/code>.<\/p>\n
\r\n\r\nroot@tftp-server:\/srv# chown nobody:nogroup tftp\r\nroot@tftp-server:\/srv# ls -al\r\ntotal 12\r\ndrwxr-xr-x  3 root   root    4096 Nov 11 12:04 .\r\ndrwxr-xr-x 22 root   root    4096 Nov  9 13:03 ..\r\ndrwxrwxrwx  2 nobody nogroup 4096 Nov 11 12:28 tftp\r\n<\/code>\r\n<\/pre>\n
<\/p>\n
Verify if the TFTP service is running.<\/p>\n
\r\n\r\nroot@tftp-server:~# ps aux | grep tftp\r\nroot 5847 0.0 0.0 14860 148 ? Ss 20:39 0:00 \/usr\/sbin\/in.tftpd --listen --user tftp --address 0.0.0.0:69 --secure \/var\/lib\/tftpboot\r\nroot 5877 0.0 0.3 7832 880 pts\/0 S+ 20:41 0:00 grep tftp\r\nroot@tftp-server:\/etc\/default# service tftpd-hpa\r\nUsage: \/etc\/init.d\/tftpd-hpa {start|stop|restart|force-reload|status}\r\nroot@tftp-server:~t# service tftpd-hpa status\r\n[ ok ] in.tftpd is running.\r\n<\/code>\r\n<\/pre>\n
<\/p>\n
The installation of tftpd-hpa created a configuration file located in \/etc\/default<\/code>.  <\/p>\n
To allow upload of new files to the tftp-server, adjust the configuration file \/etc\/default\/tftpd-hpa.  Basically, insert -c<\/code> into TFTP_OPTIONS<\/code> and set the TFTP_DIRECTORY<\/code> to point to the directory you created earlier. The configuration should look more like:<\/p>\n
\r\n\r\n# \/etc\/default\/tftpd-hpa\r\nTFTP_USERNAME=\"tftp\"\r\nTFTP_DIRECTORY=\"\/srv\/tftp\"\r\nTFTP_ADDRESS=\"0.0.0.0:69\"\r\nTFTP_OPTIONS=\"--secure -c\"\r\n<\/code>\r\n<\/pre>\n
<\/p>\n
Restarting is done with service tftpd-hpa restart<\/code>.<\/p>\n
\r\n\r\nroot@tftp-server:~# service tftpd-hpa restart\r\n[ ok ] Restarting HPA's tftpd: in.tftpd.\r\n<\/code>\r\n<\/pre>\n
<\/p>\n
Check the status again<\/p>\n
\r\n\r\nroot@tftp-server:\/etc\/default# service tftpd-hpa status\r\n\u25cf tftpd-hpa.service - LSB: HPA's tftp server\r\n   Loaded: loaded (\/etc\/init.d\/tftpd-hpa)\r\n   Active: active (running) since Fri 2016-11-11 12:14:57 CST; 28s ago\r\n  Process: 3466 ExecStop=\/etc\/init.d\/tftpd-hpa stop (code=exited, status=0\/SUCCESS)\r\n  Process: 3471 ExecStart=\/etc\/init.d\/tftpd-hpa start (code=exited, status=0\/SUCCESS)\r\n   CGroup: \/system.slice\/tftpd-hpa.service\r\n           \u2514\u25003477 \/usr\/sbin\/in.tftpd --listen --user tftp --address 0.0.0.0:69 --secure -c \/srv\/tftp\r\n\r\nNov 11 12:14:57 tftp-server tftpd-hpa[3471]: Starting HPA's tftpd: in.tftpd.\r\nNov 11 12:14:57 tftp-server systemd[1]: Started LSB: HPA's tftp server.\r\nroot@tftp-server:\/etc\/default#\r\n<\/code>\r\n<\/pre>\n
<\/p>\n
Most of your questions can be answered by checking the manual<\/p>\n
root@tftpd-server:~# man tftpd<\/code><\/pre>\n
<\/p>\n
If you are using iptables for your firewall, you will need to add support for TFTP.  Following is a simple example<\/p>\n
\r\n\r\nIPTABLES=\/sbin\/iptables\r\n\r\n#Load the modules that support TFTP\r\nmodprobe ip_conntrack_tftp\r\nmodprobe  ip_conntrack_ftp\r\n\r\n#Allow TFTP requests from 192.168.1.0\/24 network\r\n$IPTABLES -A INPUT -s 192.168.1.0\/24 -m tcp -p tcp --dport 69 -j ACCEPT\r\n$IPTABLES -A INPUT -s 192.168.1.0\/24 -m tcp -p udp --dport 69 -j ACCEPT\r\n<\/code>\r\n<\/pre>\n
<\/p>\n
Try testing by creating a test.txt file and see if you can download that from your Cisco router and upload its IOS image, for example. <\/p>\n","protected":false},"excerpt":{"rendered":"
Setting up a TFTP server in Linux is easy. In this case example, I am using Debian. We’re going to install HPA’s TFTP server. Before installing anything, you should always check if there are existing packages installed. The example below uses aptitude to find out if packages have been installed and it looks like I […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3,2,18],"tags":[],"class_list":["post-339","post","type-post","status-publish","format-standard","hentry","category-debian","category-linux","category-ubuntu"],"_links":{"self":[{"href":"https:\/\/eltonoverip.com\/blog\/wp-json\/wp\/v2\/posts\/339","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/eltonoverip.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/eltonoverip.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/eltonoverip.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/eltonoverip.com\/blog\/wp-json\/wp\/v2\/comments?post=339"}],"version-history":[{"count":31,"href":"https:\/\/eltonoverip.com\/blog\/wp-json\/wp\/v2\/posts\/339\/revisions"}],"predecessor-version":[{"id":1137,"href":"https:\/\/eltonoverip.com\/blog\/wp-json\/wp\/v2\/posts\/339\/revisions\/1137"}],"wp:attachment":[{"href":"https:\/\/eltonoverip.com\/blog\/wp-json\/wp\/v2\/media?parent=339"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/eltonoverip.com\/blog\/wp-json\/wp\/v2\/categories?post=339"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/eltonoverip.com\/blog\/wp-json\/wp\/v2\/tags?post=339"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}