WU-FTPD 2.6.1 Release Notes (5900-2465, September 2012)

WU-FTPD 2.6.1 features
Following are the WU-FTPD 2.6.1 features supported on the HP-UX 11i v1, HP-UX 11i v2, and
HP-UX 11i v3 operating systems:
NOTE: Except for the TLS/SSL feature, all the features discussed in this section are available in
WU-FTPD 2.6.1 on the HP-UX 11i v1 operating system.
Support for TLS/SSL
The Transport Layer Security/Secure Socket Layer (TLS/SSL) feature enables the HP-UX FTP product
to use the security features provided by OpenSSL. When this feature is enabled, HP-UX FTP provides
a secured FTP session and a secure file transfer.
This section discusses the various components used by TLS/SSL to provide security services. It also
discusses the prerequisites for configuring the TLS/SSL feature, the procedure to generate certificates
and keys using OpenSSL, and how to configure an FTP client and server in a TLS/SSL environment.
NOTE: The TLS/SSL feature is available on the HP-UX 11i v2 and HP-UX 11i v3 operating systems.
You can install the WU-FTPD 2.6.1 enhancement bundle, which you can download from
http://www.software.hp.com, to obtain the TLS/SSL feature on the HP-UX 11i v2 operating system. The
WU-FTPD 2.6.1 enhancement bundle contains the latest core patch required for the TLS/SSL feature
on the HP-UX 11i v2 operating system.
The WU-FTPD 2.6.1 software bundle contains the FTP daemon with SSL support for the HP-UX 11i
v3 operating system. You can download the WU-FTPD 2.6.1 software bundle from the software
depot at http://www.software.hp.com.
IMPORTANT: WU-FTP 2.6.1 includes the software developed by the OpenSSL project for use in
the OpenSSL toolkit available at http://www.openssl.org/.
This section addresses the following topics:
“Cryptography algorithm”
“Prerequisites for configuring the TLS/SSL feature”
“Generating certificates and keys using OpenSSL 0.9.7m”
“Configuring a WU-FTPD TLS server and an FTP client”
“Basic Configuration for secured file transfer”
Cryptography algorithm
The TLS subsystem uses the following components to provide services, such as integrity checking,
authentication, and confidentiality:
Private key algorithms, or symmetric cryptography. This component uses a shared secret,
the key, for both encryption and decryption of a message. Input data is mathematically
processed using the private key algorithm and the key to produce ciphertext output that
must be decrypted by the recipient. Commonly used private key algorithms include DES,
Blowfish, AES, and IDEA.
Public key algorithms. These algorithms use two mathematically related keys to separate the
process of encryption and decryption. By using functions that are easy to perform in one
direction but difficult to perform in the opposite direction, the two keys provide a high level
of security if large numbers are used. Commonly used public key algorithms include RSA, El
Gamal, and Diffie-Hellman.
While establishing a TLS session, you can use public key cryptography to exchange a session
key that is used in a private key algorithm. You can also use these public keys to authenticate