From owner-freebsd-current@FreeBSD.ORG Fri Jul 25 13:20:46 2003 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7EDD337B401 for ; Fri, 25 Jul 2003 13:20:46 -0700 (PDT) Received: from rwcrmhc11.comcast.net (rwcrmhc11.comcast.net [204.127.198.35]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7758143FDD for ; Fri, 25 Jul 2003 13:20:45 -0700 (PDT) (envelope-from freebsd-current-local@be-well.no-ip.com) Received: from be-well.ilk.org (be-well.no-ip.com[66.30.200.37]) by comcast.net (rwcrmhc11) with ESMTP id <2003072520204401300orqc8e>; Fri, 25 Jul 2003 20:20:44 +0000 Received: from be-well.ilk.org (lowellg.ne.client2.attbi.com [66.30.200.37] (may be forged)) by be-well.ilk.org (8.12.9/8.12.9) with ESMTP id h6PKKcM1007268 for ; Fri, 25 Jul 2003 16:20:38 -0400 (EDT) (envelope-from freebsd-current-local@be-well.no-ip.com) Received: (from lowell@localhost) by be-well.ilk.org (8.12.9/8.12.6/Submit) id h6PKKbhl007265; Fri, 25 Jul 2003 16:20:37 -0400 (EDT) X-Authentication-Warning: be-well.ilk.org: lowell set sender to freebsd-current-local@be-well.ilk.org using -f Sender: lowell@be-well.no-ip.com To: freebsd-current@freebsd.org References: <20030725214646.C89556@news1.macomnet.ru> From: Lowell Gilbert Date: 25 Jul 2003 16:20:37 -0400 In-Reply-To: <20030725214646.C89556@news1.macomnet.ru> Message-ID: <447k66s6i2.fsf@be-well.ilk.org> Lines: 31 User-Agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.3 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Subject: Re: "authenticated tftp" X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Jul 2003 20:20:46 -0000 Maxim Konovalov writes: > On Fri, 25 Jul 2003, 13:22-0400, Robert Watson wrote: > > > > > Yeah, seems like an oxy-moron, but this is a legitimate question, I > > promise. My linksys wireless router requires me to disable the admin > > password on it to tftp a firmware update to it--however, the Windows tftp > > client that Linksys ships appear to support some form of "Oh yeah, and > > here's a password". It probably really doesn't make a difference > > security-wise, but it would be a lot more convenient to update wireless > > routers if our tftp client spoke whatever extension they use to carry the > > password. Does anyone know anything about that protocol extension, or if > > there are existing tweaks to add it to our tftp? (I saw nothing in the > > man page). If there's a pointer to the on-the-write bits, I can always > > stick it in myself, but I have yet to find one. > > There are several tftp extension that NetBSD folk integrated to their > tftpd/tftp recently. IIRC they were > > 2347 TFTP Option Extension. G. Malkin, A. Harkin. May 1998. (Format: > 2348 TFTP Blocksize Option. G. Malkin, A. Harkin. May 1998. (Format: > 2349 TFTP Timeout Interval and Transfer Size Options. G. Malkin, A. > > I know nothing about auth extension yet but the protocol is quite > simple (trivial :-)) and if you get a dump of udp session between the > router and windows tftp client it would be easy incorporate this one. Just to explain further what Maxim is pointing out here: the authentication option, whatever it is, is *not* a standard, unlike the ones he listed.