Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help
uftp_keymgt(1)		    General Commands Manual		uftp_keymgt(1)

       uftp_keymgt  -  Encrypted UDP based ftp with multicast -	key management

       uftp_keymgt [ -m	] [ key_file [ key_file	...] ]

       uftp_keymgt [ -m	] -g { rsa:key_length |	ec:curve } key_file

       uftp_keymgt [ -m	] -d key_file

       uftp_keymgt is a	utility	for creating, viewing, and deleting RSA	and EC
       private keys used by the	UFTP suite.  Although keys can be generated on
       the fly by uftp(1), uftpd(1), and uftpproxyd(1),	this utility  gives  a
       more straightforward way	of doing so without having to kick off a dummy
       process just to create/view a key.

       The definition of key_file is dependent on the crypto library  UFTP  is
       compiled	to use.

       On  Windows systems, UFTP uses CNG (Cryptography	API: Next Generation).
       Under CNG, all RSA and EC private keys must be stored  in  a  key  con-
       tainer  (technically  only  keys	used to	sign data, but for UFTP's pur-
       poses this is the case).	 Key containers	are internal to	 Windows,  and
       each  user (and the system) has its own set of key containers.  In this
       case, key_file is actually the name of the key container.

       All other systems use OpenSSL for the crypto  library  (although	 under
       Windows	UFTP  can be also be built to use it).	In this	case, key_file
       specifies a file	name where the RSA or ECDSA private key	is stored  un-
       encrypted in PEM	format (the OS is expected to protect this file).

       The -g option is	used to	generate a key of a given type and store it in
       the given key_file.  The	key size and key fingerprint are then printed.
       Under  OpenSSL,	a key can actually be generated	by the openssl(1) com-
       mand line utility, although you'll still	need to	run uftp_keymgt	on  it
       to see the fingerprint.

       The  -d	option	is  available  only  on	Windows	systems	using CNG.  It
       deletes the key container specified by key_file.

       When neither -g or -d are specified, the	type and  fingerprint  of  all
       keys  listed  are printed.  If no keys are specified under Windows with
       CNG, the	private	key for	all key	containers for the  current  user  are
       printed.	  Note	that some key containers may exist that	an application
       other than UFTP is using, and some of those may not have	an RSA	or  EC
       private key.

       The following options are supported:

       -g  { rsa:key_length | ec:curve } key_file
	      Specifies	 the  type of new key and the key_file to store	it in.
	      New keys are specified as	either rsa:key_length,	which  creates
	      an  RSA  private key key_length bits wide, or as ec:curve, which
	      creates an EC key	using the curve	"curve".

	      The supported EC curves are secp256r1  (prime256v1),  secp384r1,
	      and secp521r1.

       -d key_file
	      Specifies	the Windows key	container to delete.

       -m     For  Windows systems using CNG, private keys are normally	stored
	      in the key container of the running user.	 Specifying  this  op-
	      tion  stores  keys  in the system	key container.	On non-Windows
	      systems, this option has no effect.

       The following exit values are returned:

       0      The command completed successfully.

       1      An invalid command line parameter	was specified.

       uftp(1),	uftpd(1), uftpproxyd(1).

       The  latest  version  of	 UFTP  can  be	found  at   http://uftp-multi-   UFTP  is	 covered by the	GNU General Public Li-
       cense.  Commercial licenses and support are available from Dennis  Bush

UFTP 5.0			 22 April 2020			uftp_keymgt(1)


Want to link to this manual page? Use this URL:

home | help