WU-FTPD 2.6.1 release notes (July 2010)
FTP_SSL_RANDFILE=/dev/urandom
FTP_SSL_LOGFILE=/tmp/ssl.log
FTP_SSL_CONFIG_FILE=flist.txt
FTP_SSL_CERT_FILE=/home/SSL/CERTS/client-cert.pem
FTP_SSL_DSACERT_FILE=/home/SSL/CERTS/dsaclient-cert.pem
FTP_SSL_KEYT_FILE=/home/SSL/CERTS/server-key.pem
FTP_SSL_DSAKEY_FILE=/home/SSL/CERTS/dsaclient-key
FTP_SSL_CA_FILE=/home/SSL/CERTS/ca-cert.pem
• Using the Configuration File
You can include all the environment variables in a configuration file and
invoke FTP as follows:
# ftp -z config=config_filename server_name
• Using the Command Line
ftp -z debug=2 -z secure -z logfile=/tmp/ssl.log -z\
CAfile=/var/opt/ftp/CA-Certs/ca-cert.pem -z \
CApath=/var/opt/ftp/CA-Certs/ -z\
rsacert=/var/opt/ftp/CA-Certs/client-cert.pem -z\
rsakey=/var/opt/ftp/CA-Certs/client-key.pem server_name
Basic Configuration for Secured File Transfer
This section discusses the basic configuration required for secured file transfer in an
FTP server and client.
To configure secured file transfer in an FTP server, complete the following steps:
1. Generate the following certificates and key using HP-UX OpenSSL with the
procedure discussed in “Generating Certificates and Keys Using OpenSSL 0.9.7m”
(page 14):
a. X.509 RSA Certificate Authority (CA).
b. X.509 RSA server certificate signed by the CA certificate (certificate file).
c. X.509 RSA private key associated with the RSA server certificate (key file).
2. Copy the CA file, certificate file, and key file to the /etc/ftpd/security
directory in the server, for example, /etc/ftpd/security/ca.pem, /etc/
ftpd/security/ftpd-rsa-cert.pem, and /etc/ftpd/security/
ftpd-rsa-key.pem, respectively.
3. Configure the FTP server using either of the following methods:
• Using Command-Line Options
Include the command-line options in the FTP service entry in the /etc/
inetd.conf file as follows:
ftp stream tcp6 nowait root /usr/lbin/ftpd ftpd -l -L -a
-z usetls -z tlsdata -z
cert=/etc/ftpd/security/ftpd-rsa-cert.pem -z
22 WU-FTPD 2.6.1 Release Notes