TFTP server


Reminder

  • TFTP requires a DHCP server
  • TFTP is NOT secure at all. You should only use it into your internal network !!

=> Don't forget to adjust your firewall rules


Installation

Trivial FTP (TFTP) client

apt-get install tftp-hpa

Trivial FTP (TFTP) server

apt-get install tftpd-hpa

SysLinux [netboot utilities]

apt-get install syslinux mtools initramfs-tools


Syslinux contains some starter files you can use for your netboot clients.


Basic configuration

Create target TFTP folders

mkdir -m 755 -p /tftpboot


TFTP configuration

vim /etc/default/tftpd-hpa


It should look like:

# /etc/default/tftpd-hpa
RUN_DAEMON="yes"
TFTP_USERNAME="tftp"
TFTP_DIRECTORY="/tftpboot"
TFTP_ADDRESS="0.0.0.0:69"
TFTP_OPTIONS="--secure"


Don't forget to add the RUN_DAEMON setting.


The TFTP server files [= the files that will be used by the TFTP clients] are in the "TFTP_DIRECTORY" instruction. ==> You should use the folder we just created: /tftpboot


IMPORTANT !!

You must not change the default user or port number !!


service tftpd-hpa restart


TFTP automatic start on boot

Sometimes the "RUN_DAEMON" is not enough for TFTP automatic startup... :(


In that case you have to register tftp-hpa as a service.

cd /etc/init.d/
update-rc.d tftpd-hpa defaults

Reboot your server ! The TFTP should be up and running now :)



Firewall configuration

Adjust your firewall script and add the following rules:

IPTABLES=`which iptables`
LAN_ADDRESS="172.16.50.0/24"

$IPTABLES -A INPUT -p udp -s $LAN_ADDRESS --dport 69 -j ACCEPT


TFTP folder tree

Tree overview

This is how we'll setup our files and folders:

#### PXE bootloader
/tftpboot/pxelinux.0


#### Boot configurations and menus libraries
/tftpboot/pxelinux.cfg/                
/tftpboot/pxelinux.cfg/menu.c32
/tftpboot/pxelinux.cfg/vesamenu.c32

/tftpboot/pxelinux.cfg/default                  # default NetBoot configuration
/tftpboot/pxelinux.cfg/01-ec-a8-6b-fd-da-44     # specific configuration for host with MAC @ "EC-A8-6B-FD-DA-44"


#### Netboot Kernels
/tftpboot/images/      


#### Kernels' libraries and modules
/tftpboot/sources-images/


Create folders

You need to create the following set of folders:

mkdir -p /tftpboot/pxelinux.cfg
chmod -R 755 /tftpboot/pxelinux.cfg

mkdir -p /tftpboot/images
chmod -R 755 /tftpboot/images

mkdir -p /tftpboot/sources-images/
chmod -R 755 /tftpboot/sources-images/


PXE bootloader

The PXE bootloader is the pxelinux.0 file = that's the file that allows the NetBoot.

  • That file is always served by the TFTP server.
  • This file is provided by the syslinux package
cp /usr/lib/syslinux/pxelinux.0 /tftpboot/


PXE libraries

# Plain text menu
cp /usr/lib/syslinux/menu.c32 /tftpboot/pxelinux.cfg/

# Graphical menu
cp /usr/lib/syslinux/vesamenu.c32 /tftpboot/pxelinux.cfg/



Test the server

1. Create a file on the server

vim /tftpboot/hello.txt


2. Connect to the server

Install TFTP client:

apt-get install tftp-hpa

Connect to the server and get file:

in that example 172.16.50.2 is my server

tftp 172.16.50.2
get hello.txt
quit


Check the received file:

cat hello.txt



TFTP service management

Just use the "service" command:

service tftpd-hpa {status|restart|start|stop}