WU-FTPD 2.6.1 release notes (5900-1547, January 2011)
Table Of Contents
- WU-FTPD 2.6.1 release notes
- Contents
- 1 WU-FTPD 2.6.1 Release Notes
- Announcement
- What Is In This Version
- WU-FTPD 2.6.1 Features
- Support for TLS/SSL
- Cryptography Algorithm
- Prerequisites for Configuring the TLS/SSL Feature
- Certificates and Authorities
- Generating Certificates and Keys Using OpenSSL 0.9.7m
- Configuring a WU-FTPD TLS Server and an FTP Client
- Configuring an FTP Server in a TLS/SSL Environment
- Configuring an FTP Client in a TLS/SSL Environment
- Basic Configuration for Secured File Transfer
- Virtual FTP Support
- Setting up Virtual FTP Support
- Support for Virtual FTP
- Without ftpservers (4) File
- Usage
- The virtual address allow usernameand virtual address deny username directives
- The virtual address private directive
- The virtual address root path and virtual address banner path directives
- The virtual address logfile path directive
- The virtual address hostname string directive
- The virtual address root path and virtual address email string directives
- The virtual address incmail emailaddress directive
- The virtual address mailfrom emailaddress directive
- Usage
- With ftpservers(4) File
- Usage
- The virtual address allow username and virtual address deny username directives
- The virtual address private directive
- The root path directive
- The banner path directive
- The logfile path directive
- The hostname some.host.name directive
- The email emailaddress directive
- The incmail emailaddress directive
- The mailfrom emailaddress directive
- Usage
- Without ftpservers (4) File
- Setting up a Virtual FTP Server
- The privatepw Utility
- New Clauses in the /etc/ftpd/ftpaccess File
- Enabling the Identification Protocol (RFC 1413)
- New Feature Related to Data Transfer
- Field Added to the /var/adm/syslog/xferlog File
- Command-Line Options
- IPv6 Support
- HP-Specific Features
- Other Features
- Support for TLS/SSL
- Changed and Removed Features
- Compatibility and Installation Information
- Known Problems and Limitations
- Related Information
- Defects Fixed in This Release
You can use any encryption to generate certificates to use with HP-UX FTP to secure the
file transfer. For information on creating RSA and DSA certificates, see “Creating DSA
Certificates and Keys” (page 13).
The OpenSSL script, /opt/openssl/misc/CA.pl, can be used to generate certificates
and keys. By default, the certificate files are created in an encrypted format using the
Data Encryption Standard (DES) encryption. You must log in as a superuser and modify
the CA.pl script to prevent the created certificate files from being DES encrypted.
NOTE: Third party CAs, certificates, and keys in the PEM format can also be used in
the FTP client and server.
For example, if you already have the third party X.509 CA certificate in PEM format and
you want to use this certificate for the FTP server, specify the path of the certificate in the
FTP server configuration file, that is, CAfile=/etc/opt/certs/CA.pem. Similarly,
you can also use third party certificates and key by specifying their appropriate locations
in the configuration file or on the command line.
Creating RSA Certificates and Keys
Follow this procedure to generate certificates and keys:
1. Change the directory to /opt/openssl/misc:
cd /opt/openssl/misc
2. Copy the CA.pl script to the CA.pl.ORIGINAL script:
cp CA.pl CA.pl.ORIGINAL
3. Replace the entries marked with numbers in the following CA.pl script:
exit 0;
} elsif (/^-newcert$/) {
# create a certificate
system ("$REQ -new -x509 -keyout newkey.pem -out newcert.pem $DAYS"
);
1
$RET=$?;
print "Certificate is in newcert.pem, private key is in newkey.pem\n"
} elsif (/^-newreq$/) {
system ("$REQ -new -keyout newkey.pem -out newreq.pem $DAYS");
2
$RET=$?;
print "Request is in newreq.pem, private key is in newkey.pem\n";
} elsif (/^-newreq-nodes$/)
1
Replace this line with the following:
system ("$REQ -new -nodes -x509 -keyout newkey.pem -out newcert.pem $DAYS");
2
Replace this line with the following:
10 WU-FTPD 2.6.1 Release Notes