GNU/Linux - How to install and configure TFTP server

Tux logo

TFTP for Trivial File Transfer Protocol is a simple File Transfer Protocol that allows a client to get or put a file on a remote host.

It is old but still used in many network applications.

I personnaly use it to update my network devices firmwares. (Cisco switches for examples).

We will see here how to set up a TFTP server under Debian.

Network Diagram

  • OS : Debian 11 (bullseye)
  • Tftp server : atftpd
  • Network Protocol : UDP 69
  • Tftp directory : /srv/tftp
GNU/Linux | Debian tftp server architecture
Debian tftp server architecture

Installation

  • Update package sources list :
root@server:~# apt update
  • Install atftpd server :
root@server:~# apt install atftpd
  • Create /srv/tftp folder if missing. It will we be our root tftp share :
root@server:~# ls /srv/tftp || mkdir /srv/tftp

Configuration

Network Configuration

  • Edit /etc/network/interfaces (replace ens224 by own your network interface) :
allow-hotplug ens224
iface ens224 inet static
        address 192.168.1.10
        netmask 255.255.255.0
        gateway 192.168.1.254
	dns-nameservers 192.168.1.254
  • Reboot :
root@host:~# reboot

TFTP configuration

  • Edit /etc/default/atftpd and check that you have the same parameters :
USE_INETD=true
# OPTIONS below are used only with init script
OPTIONS="--tftpd-timeout 300 --retry-timeout 5 --mcast-port 1758 --mcast-addr 239.239.239.0-255 --mcast-ttl 1 --maxthread 100 --verbose=5 /srv/tftp"
  • Restart atftpd service :
root@server:~# systemctl restart atftpd.service
  • Set read/write permissions to make your files in /srv/tftp readable and writable :
root@server:~# chmod -R ugo+rw /srv/tftp/

Check from a client

To check that our server works correctly we can use a tftp client.

  • If from a Debian host install tftp client :
root@client:~# apt update && apt install tftp
  • Connect to the tftp server :
user@client:~$ tftp 192.168.1.10
  • Show status :
tftp> status
Connected to 192.168.1.10.
ode: netascii Verbose: off Tracing: off
Rexmt-interval: 5 seconds, Max-timeout: 25 seconds
  • Download a file :
tftp> get c1000-universalk9-mz.152-7.E4.bin
  • Send a file :
tftp> put c1000-universalk9-mz.152-7.E4.bin
  • Exit session :
tftp> quit

DHCP server

In some situations you may also need to set a DHCP server, we will see how.

  • Install dhcpd service :
root@client:~# apt update && apt install isc-dhcp-server
  • Edit /etc/dhcp/dhcpd.conf file, here with an address pool from 192.168.10.10 to 192.168.10.20 :
option domain-name "example.org";
default-lease-time 600;
max-lease-time 7200;
ddns-update-style none;

subnet 192.168.10.0 netmask 255.255.255.0 {
  range 192.168.10.10 192.168.10.20;
}
  • Edit /etc/default/isc-dhcp-server file and specify network interface on which the dhcp service will run :
INTERFACESv4="ens224"
#INTERFACESv6=""
  • Restart dhcpd service :
root@client:~# systemctl restart isc-dhcp-server.service
  • Print dhcpd leases :
root@client:~# grep dhcpd /var/log/syslog
Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

Contact :