diff options
author | Colin Watson <cjwatson@debian.org> | 2009-12-29 21:42:53 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2009-12-29 21:42:53 +0000 |
commit | 87552344215a38d3a2b0d4d63dc151e05978bbe1 (patch) | |
tree | 9f4b96055e6ccaa915e8d59d9f2805e9e119371d /moduli.5 | |
parent | a25ec0b132c44c9e341e08464ff830de06b81126 (diff) | |
parent | ef94e5613d37bcbf880f21ee6094e4b1c7683a4c (diff) |
import openssh-5.1p1-gsskex-cjwatson-20080722.patch
Diffstat (limited to 'moduli.5')
-rw-r--r-- | moduli.5 | 124 |
1 files changed, 124 insertions, 0 deletions
diff --git a/moduli.5 b/moduli.5 new file mode 100644 index 000000000..4a99439cc --- /dev/null +++ b/moduli.5 | |||
@@ -0,0 +1,124 @@ | |||
1 | .\" $OpenBSD: moduli.5,v 1.12 2008/06/26 05:57:54 djm Exp $ | ||
2 | .\" | ||
3 | .\" Copyright (c) 2008 Damien Miller <djm@mindrot.org> | ||
4 | .\" | ||
5 | .\" Permission to use, copy, modify, and distribute this software for any | ||
6 | .\" purpose with or without fee is hereby granted, provided that the above | ||
7 | .\" copyright notice and this permission notice appear in all copies. | ||
8 | .\" | ||
9 | .\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES | ||
10 | .\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF | ||
11 | .\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR | ||
12 | .\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | ||
13 | .\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | ||
14 | .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | ||
15 | .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | ||
16 | .Dd $Mdocdate: June 26 2008 $ | ||
17 | .Dt MODULI 5 | ||
18 | .Os | ||
19 | .Sh NAME | ||
20 | .Nm moduli | ||
21 | .Nd Diffie Hellman moduli | ||
22 | .Sh DESCRIPTION | ||
23 | The | ||
24 | .Pa /etc/moduli | ||
25 | file contains prime numbers and generators for use by | ||
26 | .Xr sshd 8 | ||
27 | in the Diffie-Hellman Group Exchange key exchange method. | ||
28 | .Pp | ||
29 | New moduli may be generated with | ||
30 | .Xr ssh-keygen 1 | ||
31 | using a two-step process. | ||
32 | An initial | ||
33 | .Em candidate generation | ||
34 | pass, using | ||
35 | .Ic ssh-keygen -G , | ||
36 | calculates numbers that are likely to be useful. | ||
37 | A second | ||
38 | .Em primality testing | ||
39 | pass, using | ||
40 | .Ic ssh-keygen -T | ||
41 | provides a high degree of assurance that the numbers are prime and are | ||
42 | safe for use in Diffie Hellman operations by | ||
43 | .Xr sshd 8 . | ||
44 | This | ||
45 | .Nm | ||
46 | format is used as the output from each pass. | ||
47 | .Pp | ||
48 | The file consists of newline-separated records, one per modulus, | ||
49 | containing seven space separated fields. | ||
50 | These fields are as follows: | ||
51 | .Pp | ||
52 | .Bl -tag -width Description -offset indent | ||
53 | .It timestamp | ||
54 | The time that the modulus was last processed as YYYYMMDDHHMMSS. | ||
55 | .It type | ||
56 | Decimal number specifying the internal structure of the prime modulus. | ||
57 | Supported types are: | ||
58 | .Pp | ||
59 | .Bl -tag -width 0x00 -compact | ||
60 | .It 0 | ||
61 | Unknown, not tested | ||
62 | .It 2 | ||
63 | "Safe" prime; (p-1)/2 is also prime. | ||
64 | .It 4 | ||
65 | Sophie Germain; (p+1)*2 is also prime. | ||
66 | .El | ||
67 | .Pp | ||
68 | Moduli candidates initially produced by | ||
69 | .Xr ssh-keygen 1 | ||
70 | are Sophie Germain primes (type 4). | ||
71 | Futher primality testing with | ||
72 | .Xr ssh-keygen 1 | ||
73 | produces safe prime moduli (type 2) that are ready for use in | ||
74 | .Xr sshd 8 . | ||
75 | Other types are not used by OpenSSH. | ||
76 | .It tests | ||
77 | Decimal number indicating the type of primality tests that the number | ||
78 | has been subjected to represented as a bitmask of the following values: | ||
79 | .Pp | ||
80 | .Bl -tag -width 0x00 -compact | ||
81 | .It 0x00 | ||
82 | Not tested | ||
83 | .It 0x01 | ||
84 | Composite number - not prime. | ||
85 | .It 0x02 | ||
86 | Sieve of Eratosthenes | ||
87 | .It 0x04 | ||
88 | Probabalistic Miller-Rabin primality tests. | ||
89 | .El | ||
90 | .Pp | ||
91 | The | ||
92 | .Xr ssh-keygen 1 | ||
93 | moduli candidate generation uses the Sieve of Eratosthenes (flag 0x02). | ||
94 | Subsequent | ||
95 | .Xr ssh-keygen 1 | ||
96 | primality tests are Miller-Rabin tests (flag 0x04). | ||
97 | .It trials | ||
98 | Decimal number indicating of primaility trials that have been performed | ||
99 | on the modulus. | ||
100 | .It size | ||
101 | Decimal number indicating the size of the prime in bits. | ||
102 | .It generator | ||
103 | The recommended generator for use with this modulus (hexadecimal). | ||
104 | .It modulus | ||
105 | The modulus itself in hexadecimal. | ||
106 | .El | ||
107 | .Pp | ||
108 | When performing Diffie Hellman Group Exchange, | ||
109 | .Xr sshd 8 | ||
110 | first estimates the size of the modulus required to produce enough | ||
111 | Diffie Hellman output to sufficiently key the selected symmetric cipher. | ||
112 | .Xr sshd 8 | ||
113 | then randomly selects a modulus from | ||
114 | .Fa /etc/moduli | ||
115 | that best meets the size requirement. | ||
116 | .Pp | ||
117 | .Sh SEE ALSO | ||
118 | .Xr ssh-keygen 1 , | ||
119 | .Xr sshd 8 , | ||
120 | .Rs | ||
121 | .%R RFC 4419 | ||
122 | .%T "Diffie-Hellman Group Exchange for the Secure Shell (SSH) Transport Layer Protocol" | ||
123 | .%D 2006 | ||
124 | .Re | ||