"authenticated tftp"
Lowell Gilbert
freebsd-current-local at be-well.no-ip.com
Fri Jul 25 13:20:46 PDT 2003
Maxim Konovalov <maxim at macomnet.ru> writes:
> On Fri, 25 Jul 2003, 13:22-0400, Robert Watson wrote:
>
> >
> > Yeah, seems like an oxy-moron, but this is a legitimate question, I
> > promise. My linksys wireless router requires me to disable the admin
> > password on it to tftp a firmware update to it--however, the Windows tftp
> > client that Linksys ships appear to support some form of "Oh yeah, and
> > here's a password". It probably really doesn't make a difference
> > security-wise, but it would be a lot more convenient to update wireless
> > routers if our tftp client spoke whatever extension they use to carry the
> > password. Does anyone know anything about that protocol extension, or if
> > there are existing tweaks to add it to our tftp? (I saw nothing in the
> > man page). If there's a pointer to the on-the-write bits, I can always
> > stick it in myself, but I have yet to find one.
>
> There are several tftp extension that NetBSD folk integrated to their
> tftpd/tftp recently. IIRC they were
>
> 2347 TFTP Option Extension. G. Malkin, A. Harkin. May 1998. (Format:
> 2348 TFTP Blocksize Option. G. Malkin, A. Harkin. May 1998. (Format:
> 2349 TFTP Timeout Interval and Transfer Size Options. G. Malkin, A.
>
> I know nothing about auth extension yet but the protocol is quite
> simple (trivial :-)) and if you get a dump of udp session between the
> router and windows tftp client it would be easy incorporate this one.
Just to explain further what Maxim is pointing out here: the
authentication option, whatever it is, is *not* a standard, unlike the
ones he listed.
More information about the freebsd-current
mailing list