WU-FTPD 2.6.1 release notes (5900-1547, January 2011)
Table Of Contents
- WU-FTPD 2.6.1 release notes
- Contents
- 1 WU-FTPD 2.6.1 Release Notes
- Announcement
- What Is In This Version
- WU-FTPD 2.6.1 Features
- Support for TLS/SSL
- Cryptography Algorithm
- Prerequisites for Configuring the TLS/SSL Feature
- Certificates and Authorities
- Generating Certificates and Keys Using OpenSSL 0.9.7m
- Configuring a WU-FTPD TLS Server and an FTP Client
- Configuring an FTP Server in a TLS/SSL Environment
- Configuring an FTP Client in a TLS/SSL Environment
- Basic Configuration for Secured File Transfer
- Virtual FTP Support
- Setting up Virtual FTP Support
- Support for Virtual FTP
- Without ftpservers (4) File
- Usage
- The virtual address allow usernameand virtual address deny username directives
- The virtual address private directive
- The virtual address root path and virtual address banner path directives
- The virtual address logfile path directive
- The virtual address hostname string directive
- The virtual address root path and virtual address email string directives
- The virtual address incmail emailaddress directive
- The virtual address mailfrom emailaddress directive
- Usage
- With ftpservers(4) File
- Usage
- The virtual address allow username and virtual address deny username directives
- The virtual address private directive
- The root path directive
- The banner path directive
- The logfile path directive
- The hostname some.host.name directive
- The email emailaddress directive
- The incmail emailaddress directive
- The mailfrom emailaddress directive
- Usage
- Without ftpservers (4) File
- Setting up a Virtual FTP Server
- The privatepw Utility
- New Clauses in the /etc/ftpd/ftpaccess File
- Enabling the Identification Protocol (RFC 1413)
- New Feature Related to Data Transfer
- Field Added to the /var/adm/syslog/xferlog File
- Command-Line Options
- IPv6 Support
- HP-Specific Features
- Other Features
- Support for TLS/SSL
- Changed and Removed Features
- Compatibility and Installation Information
- Known Problems and Limitations
- Related Information
- Defects Fixed in This Release
FTP_SSL_KEYT_FILE=/home/SSL/CERTS/server-key.pem
FTP_SSL_DSAKEY_FILE=/home/SSL/CERTS/dsaclient-key
FTP_SSL_CA_FILE=/home/SSL/CERTS/ca-cert.pem
• Using the Configuration File
You can include all the environment variables in a configuration file and invoke
FTP as follows:
# ftp -z config=config_filename server_name
• Using the Command Line
ftp -z debug=2 -z secure -z logfile=/tmp/ssl.log -z\
CAfile=/var/opt/ftp/CA-Certs/ca-cert.pem -z \
CApath=/var/opt/ftp/CA-Certs/ -z\
rsacert=/var/opt/ftp/CA-Certs/client-cert.pem -z\
rsakey=/var/opt/ftp/CA-Certs/client-key.pem server_name
Basic Configuration for Secured File Transfer
This section discusses the basic configuration required for secured file transfer in an FTP
server and client.
To configure secured file transfer in an FTP server, complete the following steps:
1. Generate the following certificates and key using HP-UX OpenSSL with the procedure
discussed in “Generating Certificates and Keys Using OpenSSL 0.9.7m” (page 9):
a. X.509 RSA Certificate Authority (CA).
b. X.509 RSA server certificate signed by the CA certificate (certificate file).
c. X.509 RSA private key associated with the RSA server certificate (key file).
2. Copy the CA file, certificate file, and key file to the /etc/ftpd/security directory
in the server, for example, /etc/ftpd/security/ca.pem, /etc/ftpd/
security/ftpd-rsa-cert.pem, and /etc/ftpd/security/
ftpd-rsa-key.pem, respectively.
3. Configure the FTP server using either of the following methods:
• Using Command-Line Options
Include the command-line options in the FTP service entry in the /etc/
inetd.conf file as follows:
ftp stream tcp6 nowait root /usr/lbin/ftpd ftpd -l -L -a
-z usetls -z tlsdata -z
cert=/etc/ftpd/security/ftpd-rsa-cert.pem -z
18 WU-FTPD 2.6.1 Release Notes