Mac OSX includes a free TFTP server that is fairly easy to use once you get the hang of it. There are TFTP server applications for Mac that you can download, but why bother when you already have one? All it takes is a little know-how and a little practice to become a Mac TFTP guru. I can help you with the know-how part. DISCLAIMER: This is not meant to be a detailed tutorial guide. I do not include command descriptions or explanations. Those can be found elsewhere. Some of the commands may be dangerous, so if you have any doubts about your ability to safely manage your Mac, go no further. There, you’ve been warned.
There are two major steps you need to follow to use the default TFTP server. First, you must enable the the TFTP server. Second, you must disable your firewall.
For security reasons, the OSX TFTP server is disabled by default. Take the following steps to enable it:
- Launch the terminal application.
- From the terminal, type sudo launchctl
- When prompted, type your password or the admin (root) password
- Type load -F /System/Library/LaunchDaemons/tftp.plist
Voila, your TFTP server is now running. To keep things simple, I keep the terminal open while I’m running the TFTP server. It reminds me that I need to turn it off later (see below). In order to copy things to your Mac, it will be necessary to temporarily disable your firewall. Take the following steps to disable your firewall:
- Launch the “System Preferences” application.
- Click “Security”
- Click the “Firewall” button.
- Click the lock and enter your credentials to make changes
- Click the “Stop” button.
Now your firewall is disabled and you are ready to receive files. NOTE: When copying a file from a remote device (a Cisco router, for example), you must include the full path to the TFTP directory in the copy command. The full path will be something like: /private/tftpboot. This is where you need to spend some time practicing to get the syntax right. NOTE: the tftpboot directory is not visible from the finder. You can only see it from the command line.
When you have finished using your TFTP server, it is a good idea to re-enable the firewall and disable your TFTP server. Re-enabling the firewall is easy enough; simply go back to the System Preferences application and click the “Start” button under the firewall. Disabling the TFTP server requires entering a couple more commands as follows:
- From the same terminal where you loaded the TFTP server, type unload /System/Library/LaunchDaemons/tftp.plist
- Type exit to unload the launch control
That’s all there is to it. It only sounds like a lot. Once you get used to it, it is easier than messing with the third party TFTP applications that are floating around the Internet.
UPDATE: I noticed that there are occasional issues with permissions when using the tftp server. If you run into similar issues, take a look at your tftp.plist (cat /System/Library/LaunchDaemons/tftp.plist). Look under the <key>ProgramArguments</key> section. If you see <string>-i</string> in the array, you need to edit the file. You can either remove that line and replace it with a -s flag, or add the -s flag. I had to experiment a bit before I found a combination that worked. The end result could look like any of the following:
or try this:
Remember to make a backup of your existing file before making any changes. Again, this is not a detailed tutorial. If you are uncomfortable with changes like these, don’t make them.