WU-FTPD 2.6.1 release notes (5900-1547, January 2011)
Table Of Contents
- WU-FTPD 2.6.1 release notes
- Contents
- 1 WU-FTPD 2.6.1 Release Notes
- Announcement
- What Is In This Version
- WU-FTPD 2.6.1 Features
- Support for TLS/SSL
- Cryptography Algorithm
- Prerequisites for Configuring the TLS/SSL Feature
- Certificates and Authorities
- Generating Certificates and Keys Using OpenSSL 0.9.7m
- Configuring a WU-FTPD TLS Server and an FTP Client
- Configuring an FTP Server in a TLS/SSL Environment
- Configuring an FTP Client in a TLS/SSL Environment
- Basic Configuration for Secured File Transfer
- Virtual FTP Support
- Setting up Virtual FTP Support
- Support for Virtual FTP
- Without ftpservers (4) File
- Usage
- The virtual address allow usernameand virtual address deny username directives
- The virtual address private directive
- The virtual address root path and virtual address banner path directives
- The virtual address logfile path directive
- The virtual address hostname string directive
- The virtual address root path and virtual address email string directives
- The virtual address incmail emailaddress directive
- The virtual address mailfrom emailaddress directive
- Usage
- With ftpservers(4) File
- Usage
- The virtual address allow username and virtual address deny username directives
- The virtual address private directive
- The root path directive
- The banner path directive
- The logfile path directive
- The hostname some.host.name directive
- The email emailaddress directive
- The incmail emailaddress directive
- The mailfrom emailaddress directive
- Usage
- Without ftpservers (4) File
- Setting up a Virtual FTP Server
- The privatepw Utility
- New Clauses in the /etc/ftpd/ftpaccess File
- Enabling the Identification Protocol (RFC 1413)
- New Feature Related to Data Transfer
- Field Added to the /var/adm/syslog/xferlog File
- Command-Line Options
- IPv6 Support
- HP-Specific Features
- Other Features
- Support for TLS/SSL
- Changed and Removed Features
- Compatibility and Installation Information
- Known Problems and Limitations
- Related Information
- Defects Fixed in This Release
• The ./demoCA/cacert.pem file. This is the CA certificate file you can
exchange with communication partners for TLS authentication or verification.
• The ./demoCA/private/cakey.pem file. This is the private key file of
the CA and is passphrase-protected. You can use this private key to sign or
revoke certificates.
NOTE: Do not exchange the private key file with communication partners.
b. Generate the certificate and the key pair for the FTP server:
$ ./CA.pl –newreq
The following output is displayed:
Generating a 1024 bit RSA private key...
+++++..........................++++++
writing new private key to 'newkey.pem'
-----
You are about to be asked to enter information that will
be incorporatedinto your certificate request.
What you are about to enter is what is called a
Distinguished Name or a DN.
There are quite a few fields but you can leave
some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
Enter your organization name, location, and name.
The ./CA.pl –newreq command creates the following files:
• The private key of the FTP server (./newkey.pem)
• The original (unsigned) certificate request (./newreq.pem)
c. Certificate using the CA created in Step a:
$ CA.pl –sign
A signed public certificate, ./newcert.pem (with its public key), is created for
the FTP server.
5. Create a subdirectory security under the /etc/ftpd directory:
mkdir –p /etc/ftpd/security
6. Change the directory location to security:
cd /etc/ftpd/security
7. Copy the previously created CA certificate, the FTP server certificate, and the key
from the /opt/openssl/misc/ directory to the /etc/ftpd/security directory:
cp /opt/openssl/misc/demoCA/cacert.pem
/etc/ftpd/security/ftpd-rsa-ca.pem
12 WU-FTPD 2.6.1 Release Notes