+ Reply to Thread
Results 1 to 9 of 9
  1. The Bringer of Light DevilWAH's Avatar
    Join Date
    Jan 2010
    Location
    UK
    Posts
    2,967

    Certifications
    CCENT, CCNA, CCNA Security, ITIL Foundation, CCNP SWITCH,ROUTE, Zoology BSc,
    #1

    Default TFTP xinetd creating files

    Hi,

    i have been trying to get TFTP to allow file creation in unbuntu.

    my xinetd file is as follows

    Code:
    service tftp
    {
    protocol = udp
    port = 69
    socket_type = dgram
    wait = yes
    user = nobody
    server = /usr/sbin/in.tftpd
    server_args = -c -s /tftp
    disable = no
    }
    now this dies not work at all, if i remove the -c and -s I can copy from the TFTP and upload files back to it as long as they exist. But as soon as i add them back in i get the following message when i try to write to or from the server?

    %Error opening tftp://10.x.x.x/filename (Timed out)

    Ccan any one help setting this up to the remote system can create the file in the server?

    Cheers

    Aaron
    • If you can't explain it simply, you don't understand it well enough. Albert Einstein
    • An arrow can only be shot by pulling it backward. So when life is dragging you back with difficulties. It means that its going to launch you into something great. So just focus and keep aiming.
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member
    Join Date
    Aug 2008
    Posts
    3,951
    #2
    From the tftpd man page:

    The use of tftp(1) does not require an account or password on the remote
    system. Due to the lack of authentication information, tftpd will allow
    only publicly readable files to be accessed. Files may be written only
    if they already exist and are publicly writable.

    So if you want to be able to write to files, create them with the touch command to create a 0 byte file, and then chmod 777 them.

    Otherwise, you'll need to use a different tftp daemon that allows file creation
    Reply With Quote Quote  

  4. The Bringer of Light DevilWAH's Avatar
    Join Date
    Jan 2010
    Location
    UK
    Posts
    2,967

    Certifications
    CCENT, CCNA, CCNA Security, ITIL Foundation, CCNP SWITCH,ROUTE, Zoology BSc,
    #3
    but using tftpd with the inetd config file and you can do it. xinet is just the configuration as i underdtand it. and like i say tftpd deamon does support file creation.
    Reply With Quote Quote  

  5. Senior Member
    Join Date
    Aug 2008
    Posts
    3,951
    #4
    I suggest you read the manual page for tftpd, it disagrees with you. If you still disagree with the man page, then go parse the source code

    If you need remote creation capability (which is a bit of a security risk), you need to look into tftpd-hpa or atftpd under Ubuntu
    Reply With Quote Quote  

  6. Cisco Moderator mikej412's Avatar
    Join Date
    May 2005
    Location
    Chicago
    Posts
    10,190

    Certifications
    CCNP CCIP CCSP CCVP CCDP CCDA CCNA CS-CIPSS CS-CIPTDS CS-CIPTOS CS-CIPCSS CS-CFWS CS-CVPNS CS-CISecS ISSP 4013 4011
    #5
    -c Allow new files to be created. By default, tftpd will only allow upload of files that already exist. Files are created with default permissions allowing anyone to read or write them, unless the -p or -U options are specified.
    What are the permissions on the /tftp directory? Publicaly writable? Did you put a test file in the /tftp directory and verify that the -s option (and hopefully the -c option) was accepted and used by tftpd (and indirectly verify you're not running a different conflicting tftp server)?
    Reply With Quote Quote  

  7. Senior Member
    Join Date
    Aug 2008
    Posts
    3,951
    #6
    He specified that he's running ubuntu. tftpd under Ubuntu only has two commandline options:


    -n Suppresses negative acknowledgement of requests for nonexistent relative file‐
    names.

    -s All absolute filenames are treated as if they were preceded by the first direc‐
    tory argument, or /tftpboot if there is none.

    if you try and run tftpd under ubuntu (and debian as well, which is why I'm very familiar with this issue) with the -c option, and then check /var/log/daemon.log, you'll see it's an unknown option

    forsaken@forsaken-ubuntu:/var/log$ date
    Thu Nov 11 18:44:45 EST 2010
    forsaken@forsaken-ubuntu:/var/log$ in.tftpd -c
    forsaken@forsaken-ubuntu:/var/log$ grep tftpd /var/log/daemon.log
    Nov 11 18:44:56 forsaken-ubuntu tftpd[25921]: unknown option -?

    What I'm saying may not be true for all Linux distros, but it's true for Ubuntu

    If you use tftpd-hpa instead, it has an option to create new files
    Reply With Quote Quote  

  8. Cisco Moderator mikej412's Avatar
    Join Date
    May 2005
    Location
    Chicago
    Posts
    10,190

    Certifications
    CCNP CCIP CCSP CCVP CCDP CCDA CCNA CS-CIPSS CS-CIPTDS CS-CIPTOS CS-CIPCSS CS-CFWS CS-CVPNS CS-CISecS ISSP 4013 4011
    #7
    Quote Originally Posted by Forsaken_GA View Post
    He specified that he's running ubuntu.
    I've got 6 different TFTP options available on my Ubuntu server.

    Edit: Yep -- looks like I've got tftp-hpa installed
    Last edited by mikej412; 11-12-2010 at 12:11 AM.
    Reply With Quote Quote  

  9. Senior Member
    Join Date
    Aug 2008
    Posts
    3,951
    #8
    Quote Originally Posted by mikej412 View Post
    I've got 6 different TFTP options available on my Ubuntu server.
    Yeah, Ubuntu's got options, but whenever I see this it's because the user has typed apt-get install tftpd (which is a reasonable assumption on the users part)

    And that particular tftpd daemon doesn't do remote file creation.

    The tftpd-hpa package is a drop in replacement for the regular tftpd package and is a little more robust (it starts as a regular daemon though, not out of inetd)

    It's one of those little debian idiosyncrasies, like with arping. Most of the time, the util that folks are actually looking for is the iputils-arping one, but there's a regular arping package too.
    Reply With Quote Quote  

  10. The Bringer of Light DevilWAH's Avatar
    Join Date
    Jan 2010
    Location
    UK
    Posts
    2,967

    Certifications
    CCENT, CCNA, CCNA Security, ITIL Foundation, CCNP SWITCH,ROUTE, Zoology BSc,
    #9
    See I would sware I had -c running on a copy of unbunta with only tftpd installed. I remember removing tftd-hda and installing pure TFTPD? Because i tried three or 4 different TFTP servers.

    may be i am mestaken and i cant check it now as the box is at my old company..

    in the end I went back to tftpd-hpa as this only a box for a cisco lab so no need for securit.
    • If you can't explain it simply, you don't understand it well enough. Albert Einstein
    • An arrow can only be shot by pulling it backward. So when life is dragging you back with difficulties. It means that its going to launch you into something great. So just focus and keep aiming.
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks