TFTP server
Contents
Reminder
- TFTP requires a DHCP server
- TFTP is NOT secure at all. You should only use it into your internal network !!
=> Don't forget to adjust your firewall rules
Installation
Trivial FTP (TFTP) client
apt-get install tftp-hpa
Trivial FTP (TFTP) server
apt-get install tftpd-hpa
SysLinux [netboot utilities]
apt-get install syslinux mtools initramfs-tools
Syslinux contains some starter files you can use for your netboot clients.
Basic configuration
Create target TFTP folders
mkdir -m 755 -p /tftpboot
TFTP configuration
vim /etc/default/tftpd-hpa
It should look like:
# /etc/default/tftpd-hpa
RUN_DAEMON="yes"
TFTP_USERNAME="tftp"
TFTP_DIRECTORY="/tftpboot"
TFTP_ADDRESS="0.0.0.0:69"
TFTP_OPTIONS="--secure"
Don't forget to add the RUN_DAEMON setting.
The TFTP server files [= the files that will be used by the TFTP clients] are in the "TFTP_DIRECTORY" instruction.
==> You should use the folder we just created: /tftpboot
IMPORTANT !!
You must not change the default user or port number !!
service tftpd-hpa restart
TFTP automatic start on boot
Sometimes the "RUN_DAEMON" is not enough for TFTP automatic startup... :(
In that case you have to register tftp-hpa as a service.
cd /etc/init.d/
update-rc.d tftpd-hpa defaults
Reboot your server ! The TFTP should be up and running now :)
Firewall configuration
Adjust your firewall script and add the following rules:
IPTABLES=`which iptables`
LAN_ADDRESS="172.16.50.0/24"
$IPTABLES -A INPUT -p udp -s $LAN_ADDRESS --dport 69 -j ACCEPT
TFTP folder tree
Tree overview
This is how we'll setup our files and folders:
#### PXE bootloader
/tftpboot/pxelinux.0
#### Boot configurations and menus libraries
/tftpboot/pxelinux.cfg/
/tftpboot/pxelinux.cfg/menu.c32
/tftpboot/pxelinux.cfg/vesamenu.c32
/tftpboot/pxelinux.cfg/default # default NetBoot configuration
/tftpboot/pxelinux.cfg/01-ec-a8-6b-fd-da-44 # specific configuration for host with MAC @ "EC-A8-6B-FD-DA-44"
#### Netboot Kernels
/tftpboot/images/
Create folders
You need to create the following set of folders:
mkdir -p /tftpboot/pxelinux.cfg
chmod -R 755 /tftpboot/pxelinux.cfg
mkdir -p /tftpboot/images
chmod -R 755 /tftpboot/images
PXE bootloader
The PXE bootloader is the pxelinux.0 file = that's the file that allows the NetBoot.
- That file is always served by the TFTP server.
- This file is provided by the syslinux package
cp /usr/lib/syslinux/pxelinux.0 /tftpboot/
Test the server
1. Create a file on the server
vim /tftpboot/hello.txt
2. Connect to the server
Install TFTP client:
apt-get install tftp-hpa
Connect to the server and get file:
in that example 172.16.50.2 is my server
tftp 172.16.50.2
get hello.txt
quit
Check the received file:
cat hello.txt
TFTP service management
Just use the "service" command:
service tftpd-hpa {status|restart|start|stop}
Setup NetBoot files
See NetBoot server