Manualshelf

WU-FTPD 2.6.1 Release Notes for HP-UX 11i v1, HP-UX 11i v2 and HP-UX 11i v3

ManualsBrandsHP ManualsSoftwareHP-UX 11i v3 Foundation OE
11121314151617181920
NOTE: Except for the TLS/SSL feature, all the features discussed in this section are
available in WU-FTPD 2.6.1 on the HP-UX 11i v1 and HP-UX 11i v3 operating systems.
Support for TLS/SSL
The Transport Layer Security/Secure Socket Layer (TLS/SSL) feature enables the HP-UX
FTP product to use the security features provided by OpenSSL. When this feature is
enabled, HP-UX FTP provides a secured FTP session and a secure file transfer.
This section discusses the various components used by TLS/SSL to provide security
services. It also discusses the prerequisites for configuring the TLS/SSL feature, the
procedure to generate certificates and keys using OpenSSL, and to configure an FTP
client and server in an TLS/SSL environment.
NOTE: The TLS/SSL feature is available only on the HP-UX 11i v2 operating system.
You can install the WU-FTPD 2.6.1 enhancement bundle, which you can download
from http://www.software.hp.com, to obtain the TLS/SSL feature on the HP-UX 11i v2
operating system. The WU-FTPD 2.6.1 enhancement bundle contains the latest core
patch required for the TLS/SSL feature on the HP-UX 11i v2 operating system.
IMPORTANT: WU-FTP 2.6.1 includes the software developed by the OpenSSL project
for use in the OpenSSL toolkit available at:
http://www.openssl.org/
This section addresses the following topics:
“Cryptography Algorithm” (page 11)
“Prerequisites for Configuring the TLS/SSL Feature” (page 12)
“Generating Certificates and Keys Using OpenSSL 0.9.7m” (page 14)
“Configuring a WU-FTPD TLS Server and an FTP Client” (page 18)
“Basic Configuration for Secured File Transfer (page 22)
Cryptography Algorithm
The TLS subsystem uses the following components to provide services, such as integrity
checking, authentication, and confidentiality:
Private key algorithms, or symmetrical cryptography. This component uses a
shared secret and the key, for both encryption and decryption of a message. Input
data is mathematically processed using the private key algorithm and the key, to
produce the ciphertext output that must be decrypted by the recipient. Commonly
used private key algorithms include DES, Blowfish, AES, and IDEA.
Public key algorithms. These algorithms use two mathematically related keys to
separate the process of encryption and decryption. By using functions that are
WU-FTPD 2.6.1 Features 11