Linux for Network Engineers: How to Set Up a TFTP Server

By July 10, 2019Linux

TheTrivial File Transfer Protocol (TFTP) was standardized in 1981, according to the RFC 1350. The goal of the designers was to build an FTP that is small in size and memory footprint, yet easy to implement. For that reason it has found extensive usage in many applications, such as the network booting protocols PXE and BOOTP.


Its simplicity comes with some serious tradeoffs. This command is not able to list, delete, or rename files like more advanced FTP services can do. More importantly it’s INSECURE! All data is transferred unencrypted over UDP, so don’t use it to transfer any sensitive information or receive date from unverifiable sources.

By1981 network standards, this wasn’t so much of a concern; that’s why today, this command is mostly used in LANs where you have control over all of the parameters that could compromise security. Think about it as the ‘telnet’ of remote access protocols.


There are a few implementations of this command. You can search Debian repositories for TFTP packages by using the following command:$ apt-cache search tftp
tftp - Trivial file transfer protocol client
tftp-hpa - HPA's tftp client
tftp-hpa-dbg - HPA's tftp (debug)
tftpd - Trivial file transfer protocol server
tftpd-hpa - HPA's tftp server

This may give a long list, but you can easily identify the ones that are actual TFTP packages.

You can install the server with:$ apt-get install tftpd-hpa

If you are on Windows or MAC OS, you can find online TFTP clients or servers for your machine.

Server Configuration

Once you install the server, it will start running as a daemon and ready to receive and send files. By default the server uses port 69. tftpd-hpa uses the directory “/srv/tftp” for uploading and downloading. To change that, you must edit the following configuration file:$ cat /etc/default/tftpd-hpa
# /etc/default/tftpd-hpa


The “- -secure” option adds security to TFTP by limiting all transactions in the TFTP_DIRECTORY. In addition, files can be uploaded in “/srv/tftp” only if they already exist in that directory and are publicly writable. If you want to allow clients to upload new files in “/srv/tftp” then you need to add the “- -create” option like this: TFTP_OPTIONS=”- -secure – -create”. After you edit “/etc/default/tftpd-hpa”, restart the tftp server with “service tftpd-hpa restart”.

Download/Upload File

I created the following text file in “/srv/tftp”:$ cat hello_server.txt
Hello world from TFTP server!

On the client side I start an interactive session and I download it as follows:$ tftp
tftp> connect
tftp> get hello_server.txt
Received 31 bytes in 0.0 seconds
tftp> quit$ cat hello_server.txt
Hello world from TFTP server!

On the client side, I can upload a file with the following commands:$ tftp
tftp> connect
tftp> put hello_client.txt
Sent 31 bytes in 0.0 seconds
tftp> quit

If you get the following error when uploading:

tftp> put hello_client.txt
Error code 1: File not found

It can mean one of the following:

  1. The file “hello_client.txt” doesn’t exist on the servers “/srv/tftp” directory
  2. The “- -create” option is not enabled on the server (see above)
  3. The file “hello_client.txt” exists on the server but it’s not publicly writable

This handy and lightweight server is useful to upload and download files, but it comes with some important limitations that you have to keep in mind. You may have used it if you’ve ever remotely booted a machine with PXE or BOOTP.