Trivial File Transfer Protocol
tftpd is a server which implements the
Trivial File Transfer Protocol.
The use of tftp(1) does not require an account or password on the remote system.
Due to the lack of authentication information,
will allow only publicly readable files to be accessed. Files may be written
only if they already exist and are publicly writable, unless the
-c flag is specified (see below). Note that this
extends the concept of “public” to include all users on all
hosts that can be reached through the network; this may not be appropriate
on all systems, and its implications should be considered before enabling
The server must be started as root, but will chroot to the directory specified on the command line and drop privileges to the _tftpd user.
tftpd always provides random data at the
path /etc/random.seed, and therefore this path will
be ignored inside the directory.
OpenBSD network bootloaders access this path to
harvest entropy during kernel load.
The options are as follows:
tftpdto use IPv4 addresses only.
tftpdto use IPv6 addresses only.
- Allow new files to be created; otherwise uploaded files must already exist. Files are created with default permissions allowing anyone to read or write to them.
- Do not daemonize. If this option is specified,
tftpdwill run in the foreground and log the client IP, type of request, and filename to stderr.
- Look up the requested path in the subdirectory named after the client's IP
address. For read requests, if the file is not found,
tftpdfalls back on the requested path. Note that no attempt is made to limit the client to its subdirectory. This option cannot be combined with
- Listen on the specified address. By default
tftpdlistens on wildcard addresses.
- Listen on the specified port. By default
tftpdlistens on the port indicated in the ‘
tftp’ service description; see services(5).
- Issue filename rewrite requests to the specified UNIX domain socket.
tftpdwill write lines in the format "IP OP filename", terminated by a newline, where IP is the client's IP address, and OP is one of "read" or "write".
tftpdexpects replies in the format "filename" terminated by a newline. All rewrite requests from the daemon must be answered (even if it is with the original filename) before the TFTP request will continue. By default
tftpddoes not use filename rewriting. This option cannot be combined with
- Log the client IP, type of request, and filename.
- chroot(2) to directory on startup; the remote host is not expected to pass the directory as part of the file name to transfer.
tftp(1), pxeboot(8), syslogd(8), tftp-proxy(8)
K. Sollins, The TFTP Protocol (Revision 2), RFC 1350, July 1992.
G. Malkin and A. Harkin, TFTP Option Extension, RFC 2347, May 1998.
G. Malkin and A. Harkin, TFTP Blocksize Option, RFC 2348, May 1998.
G. Malkin and A. Harkin, TFTP Timeout Interval and Transfer Size Options, RFC 2349, March 1998.
tftpd command was originally a process
run via inetd(8) and appeared in 4.2BSD. It was
rewritten for OpenBSD 5.2 as a persistent
Many TFTP clients will not transfer files over 16744448 octets (32767 blocks).