TFTP, or Trivial File Transfer Protocol, allows users to transfer files between systems using the UDP protocol. By default, it uses UDP port 69. The TFTP protocol is extensively used to support remote booting of diskless devices. So, setting up a TFTP server on your own local network can be an interesting way to do Fedora installations, or other diskless operations.
TFTP can only read and write files to or from a remote system. It doesn’t have the capability to list files or make any changes on the remote server. There are also no provisions for user authentication. Because of security implications and the lack of advanced features, TFTP is generally only used on a local area network (LAN).
TFTP server installation
The first thing you will need to do is install the TFTP client and server packages:
dnf install tftp-server tftp -y
This creates a tftp service and socket file for systemd under /usr/lib/systemd/system.
Next, copy and rename these files to /etc/systemd/system:
cp /usr/lib/systemd/system/tftp.service /etc/systemd/system/tftp-server.service cp /usr/lib/systemd/system/tftp.socket /etc/systemd/system/tftp-server.socket
Making local changes
You need to edit these files from the new location after you’ve copied and renamed them, to add some additional parameters. Here is what the tftp-server.service file initially looks like:
[Unit] Description=Tftp Server Requires=tftp.socket Documentation=man:in.tftpd [Service] ExecStart=/usr/sbin/in.tftpd -s /var/lib/tftpboot StandardInput=socket [Install] Also=tftp.socket
Make the following changes to the [Unit] section:
Make the following changes to the ExecStart line:
ExecStart=/usr/sbin/in.tftpd -c -p -s /var/lib/tftpboot
Here are what the options mean:
- The -c option allows new files to be created.
- The -p option is used to have no additional permissions checks performed above the normal system-provided access controls.
- The -s option is recommended for security as well as compatibility with some boot ROMs which cannot be easily made to include a directory name in its request.
The default upload/download location for transferring the files is /var/lib/tftpboot.
Next, make the following changes to the [Install] section:
[Install] WantedBy=multi-user.target Also=tftp-server.socket
Don’t forget to save your changes!
Here is the completed /etc/systemd/system/tftp-server.service file:
[Unit] Description=Tftp Server Requires=tftp-server.socket Documentation=man:in.tftpd [Service] ExecStart=/usr/sbin/in.tftpd -c -p -s /var/lib/tftpboot StandardInput=socket [Install] WantedBy=multi-user.target Also=tftp-server.socket
Starting the TFTP server
Reload the systemd daemon:
Now start and enable the server:
systemctl enable --now tftp-server
To change the permissions of the TFTP server to allow upload and download functionality, use this command. Note TFTP is an inherently insecure protocol, so this may not be advised on a network you share with other people.
chmod 777 /var/lib/tftpboot
Configure your firewall to allow TFTP traffic:
firewall-cmd --add-service=tftp --perm firewall-cmd --reload
Install the TFTP client:
yum install tftp -y
Run the tftp command to connect to the TFTP server. Here is an example that enables the verbose option:
[client@thinclient:~ ]$ tftp 192.168.1.164 tftp> verbose Verbose mode on. tftp> get server.logs getting from 192.168.1.164:server.logs to server.logs [netascii] Received 7 bytes in 0.0 seconds [inf bits/sec] tftp> quit
Remember, TFTP does not have the ability to list file names. So you’ll need to know the file name before running the get command to download any files.
Posted by Curt Warfield