
FreeBSD Manual Pages


uftp_keymgt(1)		    General Commands Manual		uftp_keymgt(1)

       uftp_keymgt  -  Encrypted UDP based ftp with multicast -	key management

       uftp_keymgt [ -m	] [ key_file [ key_file	...] ]

       uftp_keymgt [ -m	] -g { rsa:key_length |	ec:curve } key_file

       uftp_keymgt [ -m	] -d key_file

       uftp_keymgt is a	utility	for creating, viewing, and deleting RSA	and EC
       private keys used by the	UFTP suite.  Although keys can be generated on
       the fly by uftp(1), uftpd(1), and uftpproxyd(1),	this utility  gives  a
       more straightforward way	of doing so without having to kick off a dummy
       process just to create/view a key.

       The definition of key_file is dependent on the crypto library  UFTP  is
       compiled	to use.

       On Windows systems, UFTP can be built to use either CNG, which is the
       new API supported by Windows Vista and Windows 7, or CryptoAPI, which
       is the legacy API and the only one available to Windows XP.

       Under CryptoAPI,	all RSA	private	keys must be stored in a key container
       (technically only keys used to sign data, but for UFTP's	purposes  this
       is  the	case).	 Key containers	are internal to	Windows, and each user
       (and the	system)	has its	own set	of  key	 containers.   In  this	 case,
       key_file	is actually the	name of	the key	container.  Elliptic Curve al-
       gorithms	are not	supported under	CryptoAPI.

       Under CNG, RSA and ECDSA private keys are also stored in key
       containers, and RSA keys created by CryptoAPI may be read by CNG.
       Like CryptoAPI, key_file also specifies the key container name.  CNG
       only supports 3 named EC curves: prime256v1, secp384r1, and secp521r1.

       All other systems use OpenSSL for the crypto library (although under
       Windows UFTP can also be built to use it).  In this case, key_file
       specifies a file name where the RSA or ECDSA private key is stored
       unencrypted in PEM format (the OS is expected to protect this file).

       The -g option is	used to	generate a key of a given type and store it in
       the given key_file.  The	key size and key fingerprint are then printed.
       Under OpenSSL, a	key can	actually be generated by the  openssl(1)  com-
       mand  line utility, although you'll still need to run uftp_keymgt on it
       to see the fingerprint.
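
       Because the OpenSSL build stores the private key unencrypted in PEM and
       relies on file permissions, the following added example (not part of
       the UFTP distribution) creates a key under a restrictive umask and
       audits an existing key_file. The function names and the exact
       openssl ecparam invocation are assumptions of this example.

```shell
#!/bin/sh
# Added example; uftp_key_perms_ok and uftp_key_create are hypothetical helpers.

# Return 0 only if FILE is a regular file (not a symlink) with no group or
# other permission bits set, i.e. accessible to its owner alone.
uftp_key_perms_ok() {
    f=$1
    if [ ! -f "$f" ] || [ -L "$f" ]; then
        return 1
    fi
    # POSIX find: "-perm -mode" matches when all listed bits are set, so
    # OR-ing the six single bits prints the path if ANY of them is set.
    loose=$(find "$f" -prune \( -perm -040 -o -perm -020 -o -perm -010 \
        -o -perm -004 -o -perm -002 -o -perm -001 \) -print)
    [ -z "$loose" ]
}

# Create an unencrypted PEM EC key so that it is never group- or
# world-readable, then print its fingerprint if uftp_keymgt is installed.
# Assumption: a key written by "openssl ecparam -genkey" is acceptable input.
uftp_key_create() {
    f=$1
    curve=${2:-prime256v1}
    if [ -e "$f" ]; then
        echo "refusing to overwrite existing key file: $f" >&2
        return 1
    fi
    # The subshell keeps the tightened umask from leaking into the caller.
    ( umask 077 && openssl ecparam -name "$curve" -genkey -noout -out "$f" ) \
        || return 1
    uftp_key_perms_ok "$f" || return 1
    if command -v uftp_keymgt >/dev/null 2>&1; then
        uftp_keymgt "$f"
    fi
}
```

       Run uftp_key_perms_ok against each key_file before starting uftp(1),
       uftpd(1), or uftpproxyd(1) and treat a non-zero status as a reason
       not to start.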

       The -d option is	available only on Windows systems using	 CryptoAPI  or
       CNG.  It	deletes	the key	container specified by key_file.

       When neither -g nor -d is specified, the type and fingerprint of all
       keys listed are printed.  If no keys are specified under Windows with
       CryptoAPI or CNG, the private key for all key containers for the
       current user are printed.  Note that some key containers may exist
       that an application other than UFTP is using, and some of those may
       not have an RSA or EC private key.

       The following options are supported:

       -g  { rsa:key_length | ec:curve } key_file
	      Specifies	the type of new	key and	the key_file to	store  it  in.
	      New  keys	 are specified as either rsa:key_length, which creates
	      an RSA private key key_length bits wide, or as  ec:curve,	 which
	      creates an EC key	using the curve	"curve".

	      The  list	of supported EC	curves is as follows (availability may
	      vary depending on	system settings	and crypto library used):

	      sect163k1	 sect163r1  sect163r2  sect193r1  sect193r2  sect233k1
	      sect233r1	 sect239k1  sect283k1  sect283r1  sect409k1  sect409r1
	      sect571k1	 sect571r1  secp160k1  secp160r1  secp160r2  secp192k1
	      prime192v1  secp224k1  secp224r1	secp256k1 prime256v1 secp384r1

       -d key_file
	      Specifies	the Windows key	container to delete.

       -m     For Windows systems using	CryptoAPI or  CNG,  private  keys  are
	      normally stored in the key container of the running user.	 Spec-
	      ifying this option stores	keys in	the system key container.   On
	      non-Windows systems, this	option has no effect.

       The following exit values are returned:

       0      The command completed successfully.

       1      An invalid command line parameter	was specified.

       uftp(1),	uftpd(1), uftpproxyd(1).

       The latest version of UFTP can be found at http://uftp-multi-

       UFTP is covered by the GNU General Public License.  Commercial
       licenses and support are available from Dennis Bush

UFTP 4.9		       28 February 2016			uftp_keymgt(1)

