Saturday, November 19, 2011

uploading file to tftp server on ubuntu 10.04

It was strange for me that I had no problem on using tftp server earlier than Ubuntu 10.04.
I just could upload and download whatever I want only if I get enough permission.
However, it did not work as I expected on Ubuntu 10.04.
I got 'Permission Denied', 'File Not Found' or 'Forbidden directory' error with tftpd + xinetd, tftpd + openbsd-inetd or tftpd-hda.


I had to know that uploading file to a tftp server is not allowed for security reason.


The use of tftp(1) does not require an account or password on the remote system.  Due to the lack of authentication information, tftpd will allow only publicly readable files to be accessed.  Files containing the string ``/../'' or starting with ``../'' are not allowed.  Files may be written only if they already exist and are publicly writable.

So if you want to upload any file to tftp server without any limitation, use following configuration with tftpd-hda.


# /etc/default/tftpd-hpa

TFTP_USERNAME="tftp"
TFTP_DIRECTORY="/var/lib/tftpboot"
TFTP_ADDRESS="0.0.0.0:69"
TFTP_OPTIONS="--secure --create"

 '--create' option will let you upload anything without limitation, but you should pay enough attention for the security.


2 comments:

  1. This is actually good to read content of this blog. A is very general and huge knowledgeable platform has been known by this blog. I in reality appreciate this blog to have such kind of educational knowledge.
    HPE StoreOnce 3100

    ReplyDelete