WU-FTPD 2.6.1 Release Notes for HP-UX 11i v1, HP-UX 11i v2 and HP-UX 11i v3

easy to perform in one direction but difficult to perform in the opposite direction,
the two keys provide a high level of security if large numbers are used. Commonly
used public key algorithms include RSA, El Gamal, and Diffie-Hellman.
While establishing a TLS session, you can use public key cryptography to exchange
a session key that is used in a private key algorithm. You can also use these public
keys to authenticate the server and, if required, the client, and to provide
session-level encryption and confidentiality for the entire session.

Hash algorithms. These algorithms are a set of one-way functions that accept a
variable length input, and, after mathematical processing, produce a fixed length
output. The transformations of the data produce a fingerprint of the input. Minor
changes to the input appear as large changes in the output. Popular hash
algorithms include SHA-1, MD5, and RIPEMD.
Hash algorithms are used for integrity checking; that is, to ensure that data is not
tampered with during transmission.
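
The following Python sketch is an added illustration, not part of the HP release notes. It measures the two properties described above (fixed length output, and large output changes from a one-bit input change) for MD5 and SHA-1, and then uses a digest to detect a modified payload. The sample payload and all function names are constructed for this example.

```python
import hashlib
import hmac

# Constructed sample payload standing in for data sent over an FTP session.
SAMPLE = b"quarterly totals: 1024 2048 4096 8192\n"
ALGORITHMS = ("md5", "sha1")  # two of the hash algorithms named in the text


def digest(name: str, data: bytes) -> bytes:
    """Return the raw digest of data under the named hash algorithm."""
    return hashlib.new(name, data).digest()


def flip_bit(data: bytes, index: int) -> bytes:
    """Return a copy of data with exactly one bit inverted."""
    out = bytearray(data)
    out[index // 8] ^= 1 << (index % 8)
    return bytes(out)


def hamming(a: bytes, b: bytes) -> int:
    """Count the bit positions in which two equal-length digests differ."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def avalanche(name: str, data: bytes) -> float:
    """Mean fraction of digest bits that change, over every one-bit flip of data."""
    base = digest(name, data)
    flips = len(data) * 8
    changed = sum(hamming(base, digest(name, flip_bit(data, i))) for i in range(flips))
    return changed / (flips * len(base) * 8)


def verify(name: str, received: bytes, expected: bytes) -> bool:
    """Integrity check: recompute the digest and compare in constant time.
    The expected digest must reach the receiver over a trusted channel."""
    return hmac.compare_digest(digest(name, received), expected)


if __name__ == "__main__":
    for name in ALGORITHMS:
        sizes = {len(digest(name, SAMPLE * n)) for n in (0, 1, 1000)}
        print(f"{name}: digest bytes {sizes}, avalanche {avalanche(name, SAMPLE):.3f}")
    good = digest("sha1", SAMPLE)
    print("intact:", verify("sha1", SAMPLE, good))
    print("one bit changed:", verify("sha1", flip_bit(SAMPLE, 0), good))
```

An avalanche figure near 0.5 means that a single flipped input bit changes about half of the output bits.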

Prerequisites for Configuring the TLS/SSL Feature

Following are the prerequisites for configuring the TLS/SSL feature:

The OpenSSL software
OpenSSL is an open source product that offers a general purpose cryptography
library and implementation of the Secure Sockets Layer (SSL v2/v3) and Transport
Layer Security (TLS v1) protocols. OpenSSL is tested and supported on different
HP-UX operating systems. OpenSSL A.00.09.07m is the latest version of OpenSSL
available on the HP-UX 11i v2 operating system. It is available to download at:
http://www.software.hp.com
The release notes for OpenSSL A.00.09.07m are available at:
http://www.docs.hp.com/en/internet.html#OpenSSL

The WU-FTPD 2.6.1 TLS enhancement bundle
The FTP-TLS enhancement bundle, ftp-ssl-ncf, contains TLS enhancement
libraries for the FTP client and server. The ftp(1) client and the ftpd(1M) server use
these enhancement libraries with OpenSSL to perform security operations.

Certificates and Authorities

A certificate is a collection of information that uniquely identifies a client or a server.
It includes descriptive fields, such as the name of an organization and its location, and
cryptographic information, such as keys and signatures.
The private key of an asymmetrical key pair can be used to sign the content that, when
decrypted using the public key, establishes the signature. This signature can be used
to offer proof of identity. The public key infrastructure (PKI) uses a hierarchy of
trustworthiness for the validation of identities, in addition to signing certificates and