TFTPD(8)                    System Manager’s Manual                   TFTPD(8)


       tftpd - IPv4 Trivial File Transfer Protocol server


       in.tftpd [options...]  directory...


       tftpd  is  a  server  for the IPv4 Trivial File Transfer Protocol.  The
       TFTP protocol is extensively used to support remote booting of diskless
       devices.   The  server  is  normally started by inetd, but can also run


       -l     Run the server in standalone (listen) mode, rather than run from
              inetd.   In  listen  mode,  the -t option is ignored, and the -a
              option can be used to specify a specific local address  or  port
              to listen to.

       -a [address][:port]
              Specify  a  specific  address  and port to listen to when called
              with the -l option.  The default is to listen to the  tftp  port
              specified in /etc/services on all local addresses.

       -c     Allow  new  files  to  be  created.  By default, tftpd will only
              allow upload of files that already  exist.   Files  are  created
              with  default permissions allowing anyone to read or write them,
              unless the -p or -U options are specified.

       -s     Change root directory on startup.  This means  the  remote  host
              does  not need to pass along the directory as part of the trans-
              fer, and may add security.  When -s is  specified,  exactly  one
              directory  should  be specified on the command line.  The use of
              this option is recommended for security as well as compatibility
              with  some  boot  ROMs  which cannot be easily made to include a
              directory name in their requests.

       -u username
              Specify the username which tftpd will run  as;  the  default  is
              "nobody".   The user ID, group ID, and (if possible on the plat-
              form) the supplementary group IDs will be set to the ones speci-
              fied in the system permission database for this username.

       -U umask
              Sets  the  umask for newly created files to the specified value.
              The default is zero (anyone can read or write) if the -p  option
              is  not  specified, or inherited from the invoking process if -p
              is specified.

       -p     Perform no additional permissions checks above the  normal  sys-
              tem-provided  access  controls for the user specified via the -u

       -t timeout
              When run from inetd this specifies how long, in seconds, to wait
              for  a  second  connection before terminating the server.  inetd
              will then respawn the server when another request comes in.  The
              default is 900 (15 minutes.)

       -T timeout
              Determine the default timeout, in microseconds, before the first
              packet is retransmitted.  This can be modified by the client  if
              the  timeout  or  utimeout option is negotiated.  The default is
              1000000 (1 second.)

       -m remap-file
              Specify the use of filename remapping.  The remap-file is a file
              containing  the  remapping  rules.   See the section on filename
              remapping below.  This option may not be compiled  in,  see  the
              output  of in.tftpd -V to verify whether or not it is available.

       -v     Increase the logging verbosity of tftpd.  This flag can be spec-
              ified multiple times for even higher verbosity.

       -r tftp-option
              Indicate  that  a  specific RFC 2347 TFTP option should never be

       -B max-block-size
              Specifies the maximum permitted block size.  The permitted range
              for  this parameter is from 512 to 65464.  Some embedded clients
              request large block sizes and yet do not handle fragmented pack-
              ets  correctly; for these clients, it is recommended to set this
              value to the smallest MTU on your network  minus  32  bytes  (20
              bytes  for  IP,  8  for  UDP, and 4 for TFTP; less if you use IP
              options on your network.)  For example, on a  standard  Ethernet
              (MTU 1500) a value of 1468 is reasonable.

       -V     Print  the  version number and configuration to standard output,
              then exit gracefully.


       This version of tftpd supports RFC 2347 option negotiation.  Currently
       implemented options are:

       blksize (RFC 2348)
              Set  the  transfer  block size to anything less than or equal to
              the specified option.  This version of  tftpd  can  support  any
              block size up to the theoretical maximum of 65464 bytes.

       blksize2 (nonstandard)
              Set  the  transfer  block size to anything less than or equal to
              the specified option, but restrict  the  possible  responses  to
              powers of 2.  The maximum is 32768 bytes (the largest power of 2
              less than or equal to 65464.)

       tsize (RFC 2349)
              Report the size of the file that is  about  to  be  transferred.
              This  version of tftpd only supports the tsize option for binary
              (octet) mode transfers.

       timeout (RFC 2349)
              Set the time before the server retransmits a packet, in seconds.

       utimeout (nonstandard)
              Set  the  time  before  the  server  retransmits  a  packet,  in

       The -r option can be used to disable specific options; this may be nec-
       essary  to  work  around  bugs in specific TFTP client implementations.
       For example, some TFTP clients have been found to request  the  blksize
       option,  but  crash  with  an  error  if  they  actually get the option
       accepted by the server.


       The -m option specifies a file which contains filename remapping rules.
       Each  non-comment  line (comments begin with hash marks, #) contains an
       operation, specified below; a regex, a regular expression in the  style
       of  egrep;  and  optionally a replacement pattern.  The operation indi-
       cated by operation is performed if the regex matches all or part of the
       filename.   Rules  are processed from the top down, and by default, all
       rules are processed even if there is a match.

       The operation can be any combination of the following letters:

       r      Replace the substring matched by regex by the  replacement  pat-
              tern.  The replacement pattern may contain escape sequences; see

       g      Repeat this rule until it no longer  matches.   This  is  always
              used with r.

       i      Match  the regex case-insensitively.  By default it is case sen-

       e      If this rule matches, end rule processing  after  executing  the

       s      If  this  rule matches, start rule processing over from the very
              first rule after executing this rule.

       a      If this rule matches, refuse the  request  and  send  an  access
              denied error to the client.

       G      This rule applies to GET (RRQ) requests only.

       P      This rule applies to PUT (WRQ) requests only.

       ~      Invert the sense of this rule, i.e. execute the operation only
              if the regex doesn’t match.  Cannot be used together with r.

       The following escape sequences are recognized as part of  the  replace-
       ment pattern:

       \0     The entire string matched by the regex.

       \1 to \9
              The  strings  matched  by  each  of the first nine parenthesized
              subexpressions, \( ... \), of the regex pattern.

       \i     The IP address of the requesting host, in  dotted-quad  notation

       \x     The  IP  address of the requesting host, in hexadecimal notation
              (e.g. C00002A9).

       \\     Literal backslash.

              Literal whitespace.

       \#     Literal hash mark.

       \U     Turns all subsequent letters to upper case.

       \L     Turns all subsequent letters to lower case.

       \E     Cancels the effect of \U or \L.

       If the mapping file is changed, you need to send  SIGHUP  to  any  out-
       standing tftpd process.
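
The rule semantics described in this section, modelled as an added Python example (not part of the man page or of tftpd's own code) so that a rule set can be checked offline before it is relied on for access control. It assumes Python's re module is close enough to egrep syntax for the constructed sample rules, and it models only the r, g, i, a, G, P and ~ operations and the \0 to \9, \i, \x, \\ and \# escapes; SAMPLE_RULES, MAX_PASSES and the function names are hypothetical.

```python
import re
MAX_PASSES = 100  # model-only guard so a non-converging 'g' rule cannot loop forever

SAMPLE_RULES = r"""
# Constructed sample rules: normalise separators, then drop leading slashes
rg   \\                         /
r    ^/+
# refuse any ".." path component; refuse uploads outside uploads/
a    (^|/)\.\.(/|$)
aP~  ^uploads/
# per-client boot config on GET, named after the client's hex IP
rG   ^pxelinux\.cfg/default$    pxelinux.cfg/\x
ri   \.CFG$                     .cfg
"""

def parse_rules(text):
    """Parse remap-file text into (operation, compiled regex, replacement) tuples."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            op, regex, *rest = line.split(None, 2)
            rules.append((op, re.compile(regex, re.I if "i" in op else 0), rest[0] if rest else ""))
    return rules

def expand(repl, m, client_ip):
    """Expand the digit, i, x and literal-character escapes of a replacement pattern."""
    special = {"i": client_ip, "x": "".join("%02X" % int(o) for o in client_ip.split("."))}
    def one(esc):
        c = esc.group(1)
        if c in "0123456789":
            return (m.group(int(c)) or "") if int(c) <= m.re.groups else ""
        return special.get(c, c)  # \\ and \# yield the literal character
    return re.sub(r"\\(.)", one, repl)

def remap(rules, filename, client_ip, is_put=False):
    """Return the remapped name, or None when an 'a' rule refuses the request."""
    for op, rx, repl in rules:
        if ("G" in op and is_put) or ("P" in op and not is_put):
            continue  # rule restricted to the other request type
        if (rx.search(filename) is not None) == ("~" in op):
            continue  # no match, or a match on an inverted (~) rule
        if "a" in op:
            return None
        if "r" in op:
            passes = MAX_PASSES if "g" in op else 1
            while passes and (m := rx.search(filename)):
                filename = filename[:m.start()] + expand(repl, m, client_ip) + filename[m.end():]
                passes -= 1
    return filename
```

Feeding the model the names a client could send, including ones that should be refused, shows whether the order of the rules does what was intended, since every rule runs even after an earlier one has matched.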


       The use of TFTP services does not require an account or password on the
       server system.  Due to the lack of  authentication  information,  tftpd
       will  allow  only  publicly readable files (o+r) to be accessed, unless
       the -p option is specified.  Files may be written only if they  already
       exist  and  are  publicly  writable, unless the -c option is specified.
       Note that this extends the concept of "public" to include  all  users
       on  all  hosts that can be reached through the network; this may not be
       appropriate on all systems, and its implications should  be  considered
       before  enabling  TFTP  service.   Typically,  some kind of firewall or
       packet-filter solution should be employed.  If  appropriately  compiled
       (see  the  output  of in.tftpd -V) tftpd will query the hosts_access(5)
       database for access control  information.   This  may  be  slow;  sites
       requiring  maximum  performance may want to compile without this option
       and rely on firewalling or kernel-based packet filters instead.

       The server should be set to run as the user with  the  lowest  possible
       privilege;  please  see the -u flag.  It is probably a good idea to set
       up a specific user account for tftpd, rather than  letting  it  run  as
       "nobody", to guard against privilege leaks between applications.

       Access to files can, and should, be restricted by invoking tftpd with a
       list of directories by including pathnames as server program  arguments
       on  the command line.  In this case access is restricted to files whose
       names are prefixed by one of the given directories.  If possible, it is
       recommended  that  the -s flag is used to set up a chroot() environment
       for the server to run in once a connection has been set up.

       Finally, the filename remapping (-m flag) support can be used  to  pro-
       vide a limited amount of additional access control.


       RFC 1123, Requirements for Internet Hosts - Application and Support.
       RFC 1350, The TFTP Protocol (revision 2).
       RFC 2347, TFTP Option Extension.
       RFC 2348, TFTP Blocksize Option.
       RFC 2349, TFTP Timeout Interval and Transfer Size Options.


       This  version of tftpd is maintained by H. Peter Anvin.
       It was derived from, but has substantially diverged  from,  an  OpenBSD
       source base, with added patches by Markus Gutschke and Gero Kulhman.


       tftp(1), egrep(1), umask(2), hosts_access(5), regex(7), inetd(8).

tftp-hpa 0.40                  3 September 2004                       TFTPD(8)
