Date: Fri, 25 Jul 2003 21:53:44 +0400 (MSD) From: Maxim Konovalov <maxim@macomnet.ru> To: Robert Watson <rwatson@freebsd.org> Cc: current@freebsd.org Subject: Re: "authenticated tftp" Message-ID: <20030725214646.C89556@news1.macomnet.ru> In-Reply-To: <Pine.NEB.3.96L.1030725132016.31689D-100000@fledge.watson.org> References: <Pine.NEB.3.96L.1030725132016.31689D-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 25 Jul 2003, 13:22-0400, Robert Watson wrote: > > Yeah, seems like an oxy-moron, but this is a legitimate question, I > promise. My linksys wireless router requires me to disable the admin > password on it to tftp a firmware update to it--however, the Windows tftp > client that Linksys ships appear to support some form of "Oh yeah, and > here's a password". It probably really doesn't make a difference > security-wise, but it would be a lot more convenient to update wireless > routers if our tftp client spoke whatever extension they use to carry the > password. Does anyone know anything about that protocol extension, or if > there are existing tweaks to add it to our tftp? (I saw nothing in the > man page). If there's a pointer to the on-the-write bits, I can always > stick it in myself, but I have yet to find one. There are several tftp extension that NetBSD folk integrated to their tftpd/tftp recently. IIRC they were 2347 TFTP Option Extension. G. Malkin, A. Harkin. May 1998. (Format: 2348 TFTP Blocksize Option. G. Malkin, A. Harkin. May 1998. (Format: 2349 TFTP Timeout Interval and Transfer Size Options. G. Malkin, A. I know nothing about auth extension yet but the protocol is quite simple (trivial :-)) and if you get a dump of udp session between the router and windows tftp client it would be easy incorporate this one. -- Maxim Konovalov, maxim@macomnet.ru, maxim@FreeBSD.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030725214646.C89556>