WU-FTPD 2.6.1 release notes (5900-1547, January 2011)
Table Of Contents
- WU-FTPD 2.6.1 release notes
- Contents
- 1 WU-FTPD 2.6.1 Release Notes
- Announcement
- What Is In This Version
- WU-FTPD 2.6.1 Features
- Support for TLS/SSL
- Cryptography Algorithm
- Prerequisites for Configuring the TLS/SSL Feature
- Certificates and Authorities
- Generating Certificates and Keys Using OpenSSL 0.9.7m
- Configuring a WU-FTPD TLS Server and an FTP Client
- Configuring an FTP Server in a TLS/SSL Environment
- Configuring an FTP Client in a TLS/SSL Environment
- Basic Configuration for Secured File Transfer
- Virtual FTP Support
- Setting up Virtual FTP Support
- Support for Virtual FTP
- Without ftpservers (4) File
- Usage
- The virtual address allow usernameand virtual address deny username directives
- The virtual address private directive
- The virtual address root path and virtual address banner path directives
- The virtual address logfile path directive
- The virtual address hostname string directive
- The virtual address root path and virtual address email string directives
- The virtual address incmail emailaddress directive
- The virtual address mailfrom emailaddress directive
- Usage
- With ftpservers(4) File
- Usage
- The virtual address allow username and virtual address deny username directives
- The virtual address private directive
- The root path directive
- The banner path directive
- The logfile path directive
- The hostname some.host.name directive
- The email emailaddress directive
- The incmail emailaddress directive
- The mailfrom emailaddress directive
- Usage
- Without ftpservers (4) File
- Setting up a Virtual FTP Server
- The privatepw Utility
- New Clauses in the /etc/ftpd/ftpaccess File
- Enabling the Identification Protocol (RFC 1413)
- New Feature Related to Data Transfer
- Field Added to the /var/adm/syslog/xferlog File
- Command-Line Options
- IPv6 Support
- HP-Specific Features
- Other Features
- Support for TLS/SSL
- Changed and Removed Features
- Compatibility and Installation Information
- Known Problems and Limitations
- Related Information
- Defects Fixed in This Release
key=/etc/ftpd/security/ftpd-rsa-key.pem -z
CAfile=/etc/ftpd/security/ftpd-rsa-ca.pem
• Using the Configuration File
Specify the TLS configuration file in the FTP service entry in the /etc/
inetd.conf file.
Following is the FTP service entry in the /etc/inetd.conf file:
ftp stream tcp6 nowait root /usr/lbin/ftpd ftpd -l -L -a
-z usetls -z config=/etc/ftpd/security/tls.conf
Following are the contents of the /etc/ftpd/security/tls.conf TLS
configuration file:
usetls
tlsdata
cert=/etc/ftpd/security/ftpd-rsa-cert.pem
key=/etc/ftpd/security/ftpd-rsa-key.pem
CAfile=/etc/ftpd/security/ftpd-rsa-ca.pem
To configure secured file transfer in an FTP client system, complete the following steps:
1. Generate the following certificates and key using HP-UX OpenSSL with the procedure
discussed in “Generating Certificates and Keys Using OpenSSL 0.9.7m” (page 9):
a. X509 RSA Certificate Authority (CA).
b. X509 RSA server certificate signed by the CA certificate (certificate file).
c. X509 RSA private key associated with the RSA server certificate (key file).
2. Copy the certificate file and key file to the home directory of the user in the client
system, for example, /home/user1/certificate.pem, and /home/user1/
private-key.pem, respectively.
3. Copy the CA file to a global location in the client system.
NOTE: This step is optional and required only if you are using client certificates
for authentication.
4. Start the FTP client using one of the following methods:
• Using Environment Variables
To start the FTP client using environment variables, export the following
environment variables using the following commands:
export FTP_USESSL=1
export FTP_SSL_CA_FILE=/etc/ftpd/security/ca.pem
export FTP_SSL_CERT_FILE=/home/user1/certificate.pem
export FTP_SSL_KEYT_FILE=/home/user1/private-key.pem
• Using Command-Line Options
To start the FTP client using command-line options, run the following command:
WU-FTPD 2.6.1 Features 19