OpenBSD manual page server

Manual Page Search Parameters

TFTPD(8) System Manager's Manual TFTPD(8)

tftpdTrivial File Transfer Protocol daemon

tftpd [-46cdiv] [-l address] [-p port] [-r socket] directory

tftpd is a server which implements the Trivial File Transfer Protocol.

The use of tftp(1) does not require an account or password on the remote system. Due to the lack of authentication information, tftpd will allow only publicly readable files to be accessed. Files may be written only if they already exist and are publicly writable, unless the -c flag is specified (see below). Note that this extends the concept of “public” to include all users on all hosts that can be reached through the network; this may not be appropriate on all systems, and its implications should be considered before enabling TFTP service.

The server must be started as root, but will chroot to the directory specified on the command line and drop privileges to the _tftpd user.

tftpd always provides random data at the path /etc/random.seed, and therefore this path will be ignored inside the directory. OpenBSD network bootloaders access this path to harvest entropy during kernel load.

The options are as follows:

Forces tftpd to use IPv4 addresses only.
Forces tftpd to use IPv6 addresses only.
Allow new files to be created; otherwise uploaded files must already exist. Files are created with default permissions allowing anyone to read or write to them.
Do not daemonize. If this option is specified, tftpd will run in the foreground and log the client IP, type of request, and filename to stderr.
Look up the requested path in the subdirectory named after the client's IP address. For read requests, if the file is not found, tftpd falls back on the requested path. Note that no attempt is made to limit the client to its subdirectory. This option cannot be combined with -r.
Listen on the specified address. By default tftpd listens on wildcard addresses.
Listen on the specified port. By default tftpd listens on the port indicated in the ‘tftp’ service description; see services(5).
Issue filename rewrite requests to the specified UNIX domain socket. tftpd will write lines in the format "IP OP filename", terminated by a newline, where IP is the client's IP address, and OP is one of "read" or "write". tftpd expects replies in the format "filename" terminated by a newline. All rewrite requests from the daemon must be answered (even if it is with the original filename) before the TFTP request will continue. By default tftpd does not use filename rewriting. This option cannot be combined with -i.
Log the client IP, type of request, and filename.
chroot(2) to directory on startup; the remote host is not expected to pass the directory as part of the file name to transfer.

tftp(1), pxeboot(8), syslogd(8), tftp-proxy(8)

K. Sollins, The TFTP Protocol (Revision 2), RFC 1350, July 1992.

G. Malkin and A. Harkin, TFTP Option Extension, RFC 2347, May 1998.

G. Malkin and A. Harkin, TFTP Blocksize Option, RFC 2348, May 1998.

G. Malkin and A. Harkin, TFTP Timeout Interval and Transfer Size Options, RFC 2349, March 1998.

The tftpd command was originally a process run via inetd(8) and appeared in 4.2BSD. It was rewritten for OpenBSD 5.2 as a persistent non-blocking daemon.

Many TFTP clients will not transfer files over 16744448 octets (32767 blocks).

March 4, 2019 OpenBSD-6.8