1.\" Copyright (c) 1983, 1991, 1993 2.\" The Regents of the University of California. All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 3. All advertising materials mentioning features or use of this software 13.\" must display the following acknowledgement: 14.\" This product includes software developed by the University of 15.\" California, Berkeley and its contributors. 16.\" 4. Neither the name of the University nor the names of its contributors 17.\" may be used to endorse or promote products derived from this software 18.\" without specific prior written permission. 19.\" 20.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 21.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 24.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30.\" SUCH DAMAGE. 31.\" 32.\" @(#)tftpd.8 8.1 (Berkeley) 6/4/93 33.\" $FreeBSD: src/libexec/tftpd/tftpd.8,v 1.6.2.6 2003/04/06 19:42:56 dwmalone Exp $ 34.\" 35.Dd September 14, 2000 36.Dt TFTPD 8 37.Os 38.Sh NAME 39.Nm tftpd 40.Nd Internet Trivial File Transfer Protocol server 41.Sh SYNOPSIS 42.Nm /usr/libexec/tftpd 43.Op Fl cCln 44.Op Fl s Ar directory 45.Op Fl u Ar user 46.Op Ar directory ... 47.Sh DESCRIPTION 48The 49.Nm 50utility is a server which supports the 51Internet Trivial File Transfer 52Protocol 53.Pq Tn RFC 1350 . 54The 55.Tn TFTP 56server operates 57at the port indicated in the 58.Ql tftp 59service description; 60see 61.Xr services 5 . 62The server is normally started by 63.Xr inetd 8 . 64.Pp 65The use of 66.Xr tftp 1 67does not require an account or password on the remote system. 68Due to the lack of authentication information, 69.Nm 70will allow only publicly readable files to be 71accessed. 72Files containing the string ``/\|\fB.\|.\fP\|/'' or starting with 73``\|\fB.\|.\fP\|/'' are not allowed. 74Files may be written only if they already exist and are publicly writable. 75Note that this extends the concept of 76.Dq public 77to include 78all users on all hosts that can be reached through the network; 79this may not be appropriate on all systems, and its implications 80should be considered before enabling tftp service. 81The server should have the user ID with the lowest possible privilege. 82.Pp 83Access to files may be restricted by invoking 84.Nm 85with a list of directories by including up to 20 pathnames 86as server program arguments in 87.Pa /etc/inetd.conf . 88In this case access is restricted to files whose 89names are prefixed by the one of the given directories. 90The given directories are also treated as a search path for 91relative filename requests. 92.Pp 93The 94.Fl s 95option provides additional security by changing 96.Nm Ns No 's 97root directory, thereby prohibiting accesses outside of the specified 98.Ar directory . 99Because 100.Xr chroot 2 101requires super-user privileges, 102.Nm 103must be run as root. 104However, after performing the 105.Fn chroot , 106.Nm 107will set its user id to that of the specified 108.Ar user , 109or 110.Dq nobody 111if no 112.Fl u 113option is specified. 114.Pp 115The options are: 116.Bl -tag -width Ds 117.It Fl c 118Changes the default root directory of a connecting host via chroot based on the 119connecting IP address. 120This prevents multiple clients from writing to the same file at the same time. 121If the directory does not exist, the client connection is refused. 122The 123.Fl s 124option is required for 125.Fl c 126and the specified 127.Ar directory 128is used as a base. 129.It Fl C 130Operates the same as 131.Fl c 132except it falls back to 133.Fl s Ns No 's 134.Ar directory 135if a directory does not exist for the client's IP. 136.It Fl l 137Log all requests using 138.Xr syslog 3 139with the facility of 140.Dv LOG_FTP . 141Note: Logging of 142.Dv LOG_FTP 143messages 144must also be enabled in the syslog configuration file, 145.Xr syslog.conf 5 . 146.It Fl n 147Suppress negative acknowledgement of requests for nonexistent 148relative filenames. 149.It Fl s Ar directory 150Cause 151.Nm 152to change its root directory to 153.Pa directory . 154After changing roots but before accepting commands, 155.Nm 156will switch credentials to an unprivileged user. 157.It Fl u Ar user 158Switch credentials to 159.Ar user 160(default 161.Dq nobody ) 162when the 163.Fl s 164option is used. 165The user must be specified by name, not a numeric UID. 166.El 167.Sh SEE ALSO 168.Xr tftp 1 , 169.Xr chroot 2 , 170.Xr inetd 8 , 171.Xr syslogd 8 172.Rs 173.%A K. R. Sollins 174.%T The TFTP Protocol (Revision 2) 175.%D July 1992 176.%O RFC 1350, STD 33 177.Re 178.Sh HISTORY 179The 180.Nm 181utility appeared in 182.Bx 4.2 ; 183the 184.Fl s 185option was introduced in 186.Fx 2.2 , 187the 188.Fl u 189option was introduced in 190.Fx 4.2 , 191and the 192.Fl c 193option was introduced in 194.Fx 4.3 . 195.Sh BUGS 196Files larger than 33488896 octets (65535 blocks) cannot be transferred 197without client and server supporting blocksize negotiation (RFC1783). 198.Pp 199Many tftp clients will not transfer files over 16744448 octets (32767 blocks). 200