1.\" Copyright (c) 1983, 1991, 1993 2.\" The Regents of the University of California. All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 3. All advertising materials mentioning features or use of this software 13.\" must display the following acknowledgement: 14.\" This product includes software developed by the University of 15.\" California, Berkeley and its contributors. 16.\" 4. Neither the name of the University nor the names of its contributors 17.\" may be used to endorse or promote products derived from this software 18.\" without specific prior written permission. 19.\" 20.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 21.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 24.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30.\" SUCH DAMAGE. 31.\" 32.\" @(#)tftpd.8 8.1 (Berkeley) 6/4/93 33.\" $FreeBSD$ 34.\" 35.Dd September 14, 2000 36.Dt TFTPD 8 37.Os 38.Sh NAME 39.Nm tftpd 40.Nd Internet Trivial File Transfer Protocol server 41.Sh SYNOPSIS 42.Nm /usr/libexec/tftpd 43.Op Fl cCln 44.Op Fl s Ar directory 45.Op Fl u Ar user 46.Op Ar directory ... 47.Sh DESCRIPTION 48.Nm Tftpd 49is a server which supports the 50Internet Trivial File Transfer 51Protocol 52.Pq Tn RFC 1350 . 53The 54.Tn TFTP 55server operates 56at the port indicated in the 57.Ql tftp 58service description; 59see 60.Xr services 5 . 61The server is normally started by 62.Xr inetd 8 . 63.Pp 64The use of 65.Xr tftp 1 66does not require an account or password on the remote system. 67Due to the lack of authentication information, 68.Nm 69will allow only publicly readable files to be 70accessed. 71Files containing the string ``/\|\fB.\|.\fP\|/'' or starting with 72``\|\fB.\|.\fP\|/'' are not allowed. 73Files may be written only if they already exist and are publicly writable. 74Note that this extends the concept of 75.Dq public 76to include 77all users on all hosts that can be reached through the network; 78this may not be appropriate on all systems, and its implications 79should be considered before enabling tftp service. 80The server should have the user ID with the lowest possible privilege. 81.Pp 82Access to files may be restricted by invoking 83.Nm 84with a list of directories by including up to 20 pathnames 85as server program arguments in 86.Pa /etc/inetd.conf . 87In this case access is restricted to files whose 88names are prefixed by the one of the given directories. 89The given directories are also treated as a search path for 90relative filename requests. 91.Pp 92The 93.Fl s 94option provides additional security by changing 95.Nm Ns No 's 96root directory, thereby prohibiting accesses outside of the specified 97.Ar directory . 98Because 99.Xr chroot 2 100requires super-user privileges, 101.Nm 102must be run as root. 103However, after performing the 104.Fn chroot , 105.Nm 106will set its user id to that of the specified 107.Ar user , 108or 109.Dq nobody 110if no 111.Fl u 112option is specified. 113.Pp 114The options are: 115.Bl -tag -width Ds 116.It Fl c 117Changes the default root directory of a connecting host via chroot based on the 118connecting IP address. 119This prevents multiple clients from writing to the same file at the same time. 120If the directory does not exist, the client connection is refused. 121The 122.Fl s 123option is required for 124.Fl c 125and the specified 126.Ar directory 127is used as a base. 128.It Fl C 129Operates the same as 130.Fl c 131except it falls back to 132.Fl s Ns No 's 133.Ar directory 134if a directory does not exist for the client's IP. 135.It Fl l 136Log all requests using 137.Xr syslog 3 138with the facility of 139.Dv LOG_FTP . 140Note: Logging of 141.Dv LOG_FTP 142messages 143must also be enabled in the syslog configuration file, 144.Xr syslog.conf 5 . 145.It Fl n 146Suppress negative acknowledgement of requests for nonexistent 147relative filenames. 148.It Fl s Ar directory 149Cause 150.Nm 151to change its root directory to 152.Pa directory . 153After changing roots but before accepting commands, 154.Nm 155will switch credentials to an unprivileged user. 156.It Fl u Ar user 157Switch credentials to 158.Ar user 159(default 160.Dq nobody ) 161when the 162.Fl s 163option is used. 164The user must be specified by name, not a numeric UID. 165.El 166.Sh SEE ALSO 167.Xr tftp 1 , 168.Xr chroot 2 , 169.Xr inetd 8 , 170.Xr syslogd 8 171.Rs 172.%A K. R. Sollins 173.%T The TFTP Protocol (Revision 2) 174.%D July 1992 175.%O RFC 1350, STD 33 176.Re 177.Sh HISTORY 178The 179.Nm 180command appeared in 181.Bx 4.2 ; 182the 183.Fl s 184option was introduced in 185.Fx 2.2 , 186the 187.Fl u 188option was introduced in 189.Fx 4.2 , 190and the 191.Fl c 192option was introduced in 193.Fx 4.3 . 194.Sh BUGS 195Files larger than 33488896 octets (65535 blocks) cannot be transferred 196without client and server supporting blocksize negotiation (RFC1783). 197.Pp 198Many tftp clients will not transfer files over 16744448 octets (32767 blocks). 199