The below steps will allow you to set up a TFTP server on Linux but specifically on a CentOS server. All you need to do is install a couple files with yum, enable the server, and restart xinetd.
- Install TFTP Server: Use the below syntax to install the TFTP server on CentOS.
- Install Xinetd: The TFTP server will run via xinetd so you need to make sure xinetd is installed using the bellow command.
- Enable TFTP and Xinetd: Use chkconfig to ensure that xinetd and tftp starts on reboot.
- Modify TFTPBOOT Permissions: Use the below syntax to modify the permissions of the /tftpboot directory to allow tftp transfers to and from this directory. The /tftpboot directory is the default directory where files are transfered to and from using TFTP.
- Example TFTP Command: The below is an example of use of the TFTP command.
[root@centos-server ~]#yum install tftp-server
[root@centos-server ~]#yum install xinetd
[root@centos-server ~]#chkconfig tftp on [root@centos-server ~]#chkconfig xinetd on
[root@centos-server ~]#chmod 777 /tftpboot
[root@centos-server ~]#tftp -v 192.168.1.100 -c put file-example.txt
The normal computer user is probably not going to find TFTP very useful but techies will be able to find many uses. Typically technical people will run across TFTP when upgrading the firmware on some sort of network device. Please post comments if you have any TFTP questions.
Related posts:
- TFTP: Error code 1: File not found You may get the below error code when attempting to...
- Possible Errors When Moving Nagios From One Linux Server To Another Linux Server I recently moved Nagios monitoring from one server to another...
- How to Verify a CentOS Linux Server is 32 Bit or 64 Bit To verify if a system is 32 bit versus 64...
- Linux CentOS 5 Server: YUM Repository to Install Zend Optimizer I recently needed to install Zend Optimizer which was required...
- Setup Log Rotation for Multiple Ruby on Rails Projects Using Linux logrotate Setting up log rotation for multiple Ruby on Rails projects...
Tags: CentOS, chkconfig, chmod, server, TFTP, tftpboot, xinetd, yum
Entries (RSS)
Thanks,
I love doing quick Google searches for tasks I don’t do often (like setup tftp server under CentOS!!). Good work!
[Reply]
alex Reply:
March 10th, 2009 at 2:59 AM
Thanks! Glad to be able to help.
[Reply]
Alex,
Thank you very much for sharing.
Everything worked perfectly.
[Reply]
alex Reply:
November 11th, 2009 at 1:21 PM
Hello Vladimir,
No problem. Glad it helped out. Thanks for taking the time to leave feedback.
Thanks.
alex
[Reply]
one problem for me : an error message : transfer time out
[Reply]
alex Reply:
November 13th, 2009 at 12:13 PM
Hello Robert,
Thats like saying one problem for me… I try to start my car and it won’t… tell me how to fix it.
There are so many variables that it could be many different items. If you want the possibility of getting resolution to your TFTP problem then list as many specifics as you can. How have you set things up? What specifically are you doing (step by step with commands included) to receive that error?
If you provide more details I will do my best to help you out.
Thanks.
alex
[Reply]
I also have gotten the same error as Robert.
Basically, I followed the setup above on a CentOS box. Then when I run my tftp client (even using the command you give above in the final step) to connect to the CentOS box that I installed the server on (via your directions), I get the transfer timeout message.
I have ensured that the firewall is allowing port 69 connections, and even disabled the firewall all together. No love.
Any ideas?
[Reply]
alex Reply:
November 18th, 2009 at 3:46 PM
Hello AW,
Jim has some great tips in the below comments. Hope it helps.
Thanks.
alex
[Reply]
Most likely you have to edit your iptables or use the customize function in system-config-securitylevel to allow tftp through the firewall.
[Reply]
Jim Reply:
November 17th, 2009 at 3:29 PM
Err – that might have been of use to Robert (or a future note for myself when I search for this). For AW, you should try tail -f /var/log/messages when you try tftping to your server to see what happens. If nothing, try putting tftp client like atftp on your box and try to connect to localhost and upload/download something. If that doesn’t work, your tftp server is screwed; if it does work, it’s either firewall (which you said you disabled) or the client.
[Reply]
alex Reply:
November 18th, 2009 at 3:47 PM
Hello Jim,
Thanks for adding the extra info Jim! We always appreciate anyone helping others out or providing different ways to troubleshoot.
Thanks.
alex
[Reply]
You never chmod 777 anything. Idiot.
[Reply]
alex Reply:
June 15th, 2010 at 1:46 PM
Hello afed,
I love when people make statements like the above but don’t offer a different solution. Have you ever used TFTP? If so please let me know of a different configuration that works properly.
Thanks.
alex
[Reply]
Alex,
I assume afed was distressed that permissions on the tftpboot directory/files should be more like 755- with 777 one will allow global permission to write (think erase or modify) the files in tftpboot. That combined with the lack of access control in tftp daemon itself leaves your system vulnerable to exploitation, or vandalism. Not generally a good idea on a network that is not highly secure.
Regards,
Shane
[Reply]
alex Reply:
August 4th, 2010 at 3:00 PM
Hello Shane,
Fair enough. I personally don’t use TFTP outside of my private network but I do understand the concern and agree that if you have a public facing network. I assume if the files are owned by tftpboot things will work properly, allowing not only read but also write (if you need that capability), with permissions of 755?
Thanks for the actual feedback as it is always appreciated to not only see others real opinions but also expand my knowledge of specific subjects.
Thanks.
alex
[Reply]
HI Alex,
The permissions go from OWNER to GROUP to EVERYONE. I recommended a 755, which means the OWNER of the file (in this case ROOT) should have Read, Write and eXecute permissions, while the GROUP ROOT will have Read and eXecute permissions, and GLOBAL is allowed Read and eXecute permissions. I suppose the main thing here is one would not want Joe Public being able to gain access to the file to modify it in some way (whether by accident or malice), or delete it- write privilege allows deletion, as well.
That being said, I agree with you one would not want to put a tftp server at the edge of one’s network where Internet users as a whole have access to it.
I also agree with you that one would want to make a specific user that is NOT root to control tftpboot acccess to the subdirectory (all OWNERSHIP an GROUPS should be moved to tftpboot user and group, as well). MUCH more secure than with root privileges. I’m going to have to make a new PBX server tonight, and I will pay particular attention to this aspect of the configuration. THANKS for jogging my memory!!! Your comments are very timely!!
Thank you for going to the trouble of writing the piece, and responding to my questions/comments.
Regards,
Shane
[Reply]
alex Reply:
August 5th, 2010 at 12:26 AM
Hello Shane,
Thanks for the quick response. I definitely understand permissions, etc. but the explanation is great. The reason for 777 on /tftpboot in the initial article was for multiple reasons. One as we have discussed the setup as it relates to the article was on a completely private/secure network where 100’s of devices I managed were pulling new firmware, etc. The devices were provisioned before even being connected to the Internet in this manner. What I am curious about though is if I recall correctly the tftpboot directory has to be read/write/world to function properly because of the nature of TFTP however this is where I could be wrong since I it has been awhile and the fact that security wasn’t even on my mind at the time of configuration. It was one of those get it up and operational and worry about the details later if time permits…. Anyway I would be curious to hear if you actually have a tftp server operational that can also write configuration files back to the TFTP server that is not readable/writeable by everyone accessing it.
PS: Good luck with the PBX. I come from telco myself but its been a couple years since I have messed with much outside of 2811’s and Asterisk.
Thanks!
alex
[Reply]
In current versions you need to add “-c” to the server_args in /etc/xinetd.d/tftp to allow devices to create files on the tftp server (copy configs from routers, etc) otherwise you get “Error code 1: File not found”.
As far as the permissions go the current implementation of tftp writes the files as the user nobody (even though xinetd runs it as root – this can be changed in server_args as well – man in.tftpd), so instead of chmod 777 /tftpboot, you should keep the permissions at 755, but run “chown nobody:nobody /tftpboot”
My $.02
[Reply]
alex Reply:
August 25th, 2010 at 7:28 PM
Hello Kevin,
Thanks for the follow up! Been awhile since I wrote the article and since I have even used TFTP so the updated detailed info is definitely appreciated!
Thanks.
alex
[Reply]