Diffstat (limited to 'moduli.0')
-rw-r--r-- | moduli.0 | 73 |
1 files changed, 73 insertions, 0 deletions
diff --git a/moduli.0 b/moduli.0 new file mode 100644 index 000000000..6d707ff82 --- /dev/null +++ b/moduli.0 | |||
@@ -0,0 +1,73 @@ | |||
1 | MODULI(5) OpenBSD Programmer's Manual MODULI(5) | ||
2 | |||
3 | NAME | ||
4 | moduli - Diffie Hellman moduli | ||
5 | |||
6 | DESCRIPTION | ||
7 | The /etc/moduli file contains prime numbers and generators for use by | ||
8 | sshd(8) in the Diffie-Hellman Group Exchange key exchange method. | ||
9 | |||
10 | New moduli may be generated with ssh-keygen(1) using a two-step process. | ||
11 | An initial candidate generation pass, using ssh-keygen -G, calculates | ||
12 | numbers that are likely to be useful. A second primality testing pass, | ||
13 | using ssh-keygen -T provides a high degree of assurance that the numbers | ||
14 | are prime and are safe for use in Diffie Hellman operations by sshd(8). | ||
15 | This moduli format is used as the output from each pass. | ||
16 | |||
17 | The file consists of newline-separated records, one per modulus, | ||
18 | containing seven space separated fields. These fields are as follows: | ||
19 | |||
20 | |||
21 | timestamp The time that the modulus was last processed as | ||
22 | YYYYMMDDHHMMSS. | ||
23 | |||
24 | type Decimal number specifying the internal structure of | ||
25 | the prime modulus. Supported types are: | ||
26 | |||
27 | 0 Unknown, not tested | ||
28 | 2 "Safe" prime; (p-1)/2 is also prime. | ||
29 | 4 Sophie Germain; (p+1)*2 is also prime. | ||
30 | |||
31 | Moduli candidates initially produced by ssh-keygen(1) | ||
32 | are Sophie Germain primes (type 4). Futher primality | ||
33 | testing with ssh-keygen(1) produces safe prime moduli | ||
34 | (type 2) that are ready for use in sshd(8). Other | ||
35 | types are not used by OpenSSH. | ||
36 | |||
37 | tests Decimal number indicating the type of primality tests | ||
38 | that the number has been subjected to represented as a | ||
39 | bitmask of the following values: | ||
40 | |||
41 | 0x00 Not tested | ||
42 | 0x01 Composite number - not prime. | ||
43 | 0x02 Sieve of Eratosthenes | ||
44 | 0x04 Probabalistic Miller-Rabin primality tests. | ||
45 | |||
46 | The ssh-keygen(1) moduli candidate generation uses the | ||
47 | Sieve of Eratosthenes (flag 0x02). Subsequent | ||
48 | ssh-keygen(1) primality tests are Miller-Rabin tests | ||
49 | (flag 0x04). | ||
50 | |||
51 | trials Decimal number indicating of primaility trials that | ||
52 | have been performed on the modulus. | ||
53 | |||
54 | size Decimal number indicating the size of the prime in | ||
55 | bits. | ||
56 | |||
57 | generator The recommended generator for use with this modulus | ||
58 | (hexadecimal). | ||
59 | |||
60 | modulus The modulus itself in hexadecimal. | ||
61 | |||
62 | When performing Diffie Hellman Group Exchange, sshd(8) first estimates | ||
63 | the size of the modulus required to produce enough Diffie Hellman output | ||
64 | to sufficiently key the selected symmetric cipher. sshd(8) then randomly | ||
65 | selects a modulus from /etc/moduli that best meets the size requirement. | ||
66 | |||
67 | SEE ALSO | ||
68 | ssh-keygen(1), sshd(8), | ||
69 | |||
70 | Diffie-Hellman Group Exchange for the Secure Shell (SSH) Transport Layer | ||
71 | Protocol, RFC 4419, 2006. | ||
72 | |||
73 | OpenBSD 4.8 June 26, 2008 OpenBSD 4.8 | ||
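Review bot: The type 4 definition on new-file line 29, "Sophie Germain; (p+1)*2 is also prime.", is mathematically wrong. (p+1)*2 is even for every p and so is never prime; a Sophie Germain prime p is one for which 2p+1 is also prime, and that derived prime is the safe prime described by type 2 on line 28. Suggest "Sophie Germain; 2p+1 is also prime." so the two entries read as the inverse of each other. Since the type field decides which records are "ready for use in sshd(8)", the definition should be exact. Smaller wording points in the same hunk: "Futher" (line 32), "Probabalistic" (line 44), and "indicating of primaility trials" (line 51), which is missing "the number" and misspells "primality". The tests field is described as a decimal number while its flag values are listed in hex (0x00 to 0x04); a short note that the stored value is the decimal form of the bitmask would avoid misreading. The SEE ALSO line (line 68) ends in a stray comma.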