Davide Grandis wrote:
>
>> Yes, those are good controls on tftp and sound like best practices.
>>
>> For initial population of /tftpboot though one may want to use -c
>> and then once it is populated remove the -c switch, check it all
>> into cvs/subversion and make sure the permissions are sane.
>
> Let me tell that in some circumstances it could be not that easy create
> the file in advance. This is usually the case when TFTP-ing in from a
> network device that has limited capabilities (no SSH client tipically).
> Anyway, that's an added complexity that is unncesserary in my point of
> view.
I normally just open 2 windows from wherever I'm working, one ssh'd to
the server holding the file copies, one for telnet or ssh to the device.
Sometimes this involves a VPN connection and access to a freenx
session that already has some of these windows open. For things like
editing access lists, I find it much easier to edit on the computer side
and tftp the whole thing than to work with the limited set of commands
on a router. Likewise for initial router/switch setups, I usually
create the file from a copy of something similar, edit it on the server,
then tftp it to the startup config and reload. Plus, after tftp'ing any
changes back to the server I need the connection there to commit to cvs.
--
Les Mikesell
lesmikesell at gmail.com