Working with TFTP

[Joseph Garcia]

Greetings all!

So today I needed to download the configurations of a couple of Cisco 
routers that I had in the office. I decided to setup TFTPD today and 
realized how much of a PITA it was. It's not terribly difficult, but 
there's quite a few steps involved and it would have been nice if some 
of the infrastructure would have been there from the start.

Here's my trials and tribulations regarding TFTP setup.

The steps I took to get TFTP running was:

 1.) Try to remember my experiences from setting up TFTP in FreeBSD
 2.) Edit the inetd.conf file so that it listens for tftp requests
 3.) Realize that I don't have inetd running
 4.) Add enable_inetd="YES" to my /etc/rc.conf file
 5.) Start inetd by executing /etc/rc.d/inetd start
 6.) Realize that there's no /tftpboot in the root directory
 7.) Create /tftpboot in the root directory (1)
 8.) Remembered that I needed the files I wanted to get/put in /tftpboot
 9.) Remembered that those files need to be world readable and writable
10.) Changed the permissions of the files
11.) Ran sockstat to make sure that inetd is listening for tftp requests
By this point, I thought that I had done everything I needed to get 
done. I should be able to type 'tftp localhost' and put/get the files 
(again, whatever I put/get need to already exist in /tftpboot). So 
that's what I did, but it didn't seem to work. It just hung there.

I looked at the tftpd man page and thought that maybe I should turn on 
logging just to see what was going on. I now realized I needed to do 
some more steps.

12.) Edit syslog.conf so that it can log via the LOG_FTP facility (2)
13.) Create the ftp/tftp log file (ftplog) in /var/log
14.) Restart syslog so it can read the syslog.conf file
15.) Restart inetd for good measure
16.) Run stockstat to make sure that inetd is listing for tftp requests
Okay, so now I figured that everything should be working. I can type 
'tftp localhost' and get/put the file. It just hung there again. Not 
sure why. I rechecked everything to make sure I did everything right. I 
check file permissions and everything was correct to the best of my 
knowledge.

Then I tried 'tftp <ip address>' and realized that this time I was able 
to get/put the file I needed. Eureka! It works!

Sure, that only took me less than 15 minutes or so (I was doing other 
things at the same time), but still it should be "trivial" to setup 
trivial file transfer protocol.

I wonder. Perhaps somethings should be in place before hand to make it 
easier for people. I know that not many people use tftp these days, but 
if you're administering cisco routers and other such devices tftp is one 
of the ways to download/upload configuration files. It's exactly what I 
use it for.

One of the things I see could be better for a user's standpoint would 
for the logging of ftp informating in syslog.conf by default into a file 
in /var/log. Also, in inetd.conf it would probably be a good idea to 
turn on logging for both ftp and tftp by using the -l flag on them. I 
think it would be good for security's sake (people can keep tabs of ftp 
logins and transfers) and a convenience to others.

Also, the fact that the files in /tftboot (or whatever directory is 
prefered) need to be present and world read/writable should be better 
explained in the man page. It is mentioned, but perhaps a NOTE at the 
bottom of the page stressing that would be helpfull to others trying to 
setup tftp.

Again, these are just usability ideas. They're not technical, just 
mostly cosmetic. Just stuff to make it easier for the next guy. It's a 
good thing I knew what I was doing and I knew where to look because I'm 
sure I would have been quite frustrated.

If someone thinks it's a good idea to add those chaanges to syslog.conf, 
inetd.conf, and the tftpd man page then I'll provide diffs. Having 
/tftpboot in the root directory upon install would be nice too.

Just because it's Unix, doesn't mean it has to be a PITA.

Joseph Garcia

(1) - I chose to use /tftpboot because that's what was in the inetd.conf 
file. Of course, I could have changed that and used any other directory 
but /tftpboot was fine with me.

(2) - I needed to add the following line to syslog.conf so that I can 
log to a file in /var/log:

ftp.*                                           /var/log/ftplog