WU-FTPD 2.6.1 release notes (July 2010)

key=/etc/ftpd/security/ftpd-rsa-key.pem -z

CAfile=/etc/ftpd/security/ftpd-rsa-ca.pem

• Using the Configuration File

Specify the TLS configuration file in the FTP service entry in the /etc/

inetd.conf file.

Following is the FTP service entry in the /etc/inetd.conf file:

ftp stream tcp6 nowait root /usr/lbin/ftpd ftpd -l -L -a

-z usetls -z config=/etc/ftpd/security/tls.conf

Following are the contents of the /etc/ftpd/security/tls.conf TLS

configuration file:

usetls

tlsdata

cert=/etc/ftpd/security/ftpd-rsa-cert.pem

key=/etc/ftpd/security/ftpd-rsa-key.pem

CAfile=/etc/ftpd/security/ftpd-rsa-ca.pem

To configure secured file transfer in an FTP client system, complete the following steps:

1. Generate the following certificates and key using HP-UX OpenSSL with the

procedure discussed in “Generating Certificates and Keys Using OpenSSL 0.9.7m”

(page 14):

a. X509 RSA Certificate Authority (CA).

b. X509 RSA server certificate signed by the CA certificate (certificate file).

c. X509 RSA private key associated with the RSA server certificate (key file).

2. Copy the certificate file and key file to the home directory of the user in the client

system, for example, /home/user1/certificate.pem, and /home/user1/

private-key.pem, respectively.

3. Copy the CA file to a global location in the client system.

NOTE: This step is optional and required only if you are using client certificates

for authentication.

4. Start the FTP client using one of the following methods:

• Using Environment Variables

To start the FTP client using environment variables, export the following

environment variables using the following commands:

export FTP_USESSL=1

export FTP_SSL_CA_FILE=/etc/ftpd/security/ca.pem

WU-FTPD 2.6.1 Features 23