TFTP server


  • TFTP requires a DHCP server
  • TFTP is NOT secure at all. You should only use it into your internal network !!

=> Don't forget to adjust your firewall rules


Trivial FTP (TFTP) client

apt-get install tftp-hpa

Trivial FTP (TFTP) server

apt-get install tftpd-hpa

SysLinux [netboot utilities]

apt-get install syslinux mtools initramfs-tools

Syslinux contains some starter files you can use for your netboot clients.

Basic configuration

Create target TFTP folders

mkdir -m 755 -p /tftpboot

TFTP configuration

vim /etc/default/tftpd-hpa

It should look like:

# /etc/default/tftpd-hpa

Don't forget to add the RUN_DAEMON setting.

The TFTP server files [= the files that will be used by the TFTP clients] are in the "TFTP_DIRECTORY" instruction. ==> You should use the folder we just created: /tftpboot


You must not change the default user or port number !!

service tftpd-hpa restart

TFTP automatic start on boot

Sometimes the "RUN_DAEMON" is not enough for TFTP automatic startup... :(

In that case you have to register tftp-hpa as a service.

cd /etc/init.d/
update-rc.d tftpd-hpa defaults

Reboot your server ! The TFTP should be up and running now :)

Firewall configuration

Adjust your firewall script and add the following rules:

IPTABLES=`which iptables`

$IPTABLES -A INPUT -p udp -s $LAN_ADDRESS --dport 69 -j ACCEPT

TFTP folder tree

Tree overview

This is how we'll setup our files and folders:

#### PXE bootloader

#### Boot configurations and menus libraries

/tftpboot/pxelinux.cfg/default                  # default NetBoot configuration
/tftpboot/pxelinux.cfg/01-ec-a8-6b-fd-da-44     # specific configuration for host with MAC @ "EC-A8-6B-FD-DA-44"

#### Netboot Kernels

#### Kernels' libraries and modules

Create folders

You need to create the following set of folders:

mkdir -p /tftpboot/pxelinux.cfg
chmod -R 755 /tftpboot/pxelinux.cfg

mkdir -p /tftpboot/images
chmod -R 755 /tftpboot/images

mkdir -p /tftpboot/sources-images/
chmod -R 755 /tftpboot/sources-images/

PXE bootloader

The PXE bootloader is the pxelinux.0 file = that's the file that allows the NetBoot.

  • That file is always served by the TFTP server.
  • This file is provided by the syslinux package
cp /usr/lib/syslinux/pxelinux.0 /tftpboot/

PXE libraries

# Plain text menu
cp /usr/lib/syslinux/menu.c32 /tftpboot/pxelinux.cfg/

# Graphical menu
cp /usr/lib/syslinux/vesamenu.c32 /tftpboot/pxelinux.cfg/

Test the server

1. Create a file on the server

vim /tftpboot/hello.txt

2. Connect to the server

Install TFTP client:

apt-get install tftp-hpa

Connect to the server and get file:

in that example is my server

get hello.txt

Check the received file:

cat hello.txt

TFTP service management

Just use the "service" command:

service tftpd-hpa {status|restart|start|stop}