Diffstat (limited to 'moduli.0')
-rw-r--r-- moduli.0 72
1 files changed, 72 insertions, 0 deletions
diff --git a/moduli.0 b/moduli.0
new file mode 100644
index 000000000..55a315fab
--- /dev/null
+++ b/moduli.0
@@ -0,0 +1,72 @@ | |||
1 | MODULI(5) OpenBSD Programmer's Manual MODULI(5) | ||
2 | |||
3 | NAME | ||
4 | moduli - Diffie Hellman moduli | ||
5 | |||
6 | DESCRIPTION | ||
7 | The /etc/moduli file contains prime numbers and generators for use by | ||
8 | sshd(8) in the Diffie-Hellman Group Exchange key exchange method. | ||
9 | |||
10 | New moduli may be generated with ssh-keygen(1) using a two-step process. | ||
11 | An initial candidate generation pass, using ssh-keygen -G, calculates | ||
12 | numbers that are likely to be useful. A second primality testing pass, | ||
13 | using ssh-keygen -T provides a high degree of assurance that the numbers | ||
14 | are prime and are safe for use in Diffie Hellman operations by sshd(8). | ||
15 | This moduli format is used as the output from each pass. | ||
16 | |||
17 | The file consists of newline-separated records, one per modulus, contain- | ||
18 | ing seven space separated fields. These fields are as follows: | ||
19 | |||
20 | timestamp The time that the modulus was last processed as YYYYM- | ||
21 | MDDHHMMSS. | ||
22 | |||
23 | type Decimal number specifying the internal structure of | ||
24 | the prime modulus. Supported types are: | ||
25 | |||
26 | 0 Unknown, not tested | ||
27 | 2 "Safe" prime; (p-1)/2 is also prime. | ||
28 | 4 Sophie Germain; (p+1)*2 is also prime. | ||
29 | |||
30 | Moduli candidates initially produced by ssh-keygen(1) | ||
31 | are Sophie Germain primes (type 4). Futher primality | ||
32 | testing with ssh-keygen(1) produces safe prime moduli | ||
33 | (type 2) that are ready for use in sshd(8). Other | ||
34 | types are not used by OpenSSH. | ||
35 | |||
36 | tests Decimal number indicating the type of primality tests | ||
37 | that the number has been subjected to represented as a | ||
38 | bitmask of the following values: | ||
39 | |||
40 | 0x00 Not tested | ||
41 | 0x01 Composite number - not prime. | ||
42 | 0x02 Sieve of Eratosthenes | ||
43 | 0x04 Probabalistic Miller-Rabin primality tests. | ||
44 | |||
45 | The ssh-keygen(1) moduli candidate generation uses the | ||
46 | Sieve of Eratosthenes (flag 0x02). Subsequent | ||
47 | ssh-keygen(1) primality tests are Miller-Rabin tests | ||
48 | (flag 0x04). | ||
49 | |||
50 | trials Decimal number indicating of primaility trials that | ||
51 | have been performed on the modulus. | ||
52 | |||
53 | size Decimal number indicating the size of the prime in | ||
54 | bits. | ||
55 | |||
56 | generator The recommended generator for use with this modulus | ||
57 | (hexadecimal). | ||
58 | |||
59 | modulus The modulus itself in hexadecimal. | ||
60 | |||
61 | When performing Diffie Hellman Group Exchange, sshd(8) first estimates | ||
62 | the size of the modulus required to produce enough Diffie Hellman output | ||
63 | to sufficiently key the selected symmetric cipher. sshd(8) then randomly | ||
64 | selects a modulus from /etc/moduli that best meets the size requirement. | ||
65 | |||
66 | SEE ALSO | ||
67 | ssh-keygen(1), sshd(8), | ||
68 | |||
69 | Diffie-Hellman Group Exchange for the Secure Shell (SSH) Transport Layer | ||
70 | Protocol, RFC 4419, 2006. | ||
71 | |||
72 | OpenBSD 4.4 June 26, 2008 2 | ||
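Review bot: The definition of type 4 in the "type" field list ("4 Sophie Germain; (p+1)*2 is also prime.") is mathematically wrong and should be corrected before this page ships: (p+1)*2 is even for every prime p and so is never prime. A Sophie Germain prime p is one where 2p+1 is also prime, which is exactly the relationship the following paragraph relies on when it says that further testing turns type 4 candidates into type 2 safe primes (a safe prime q has (q-1)/2 prime, i.e. q = 2p+1). Suggest "4 Sophie Germain; 2p+1 is also prime." Smaller points in the same hunk: "Futher primality testing" should be "Further", "Probabalistic Miller-Rabin" should be "Probabilistic", and the "trials" description "Decimal number indicating of primaility trials" should read "Decimal number indicating the number of primality trials"; the spelling of the algorithm name also alternates between "Diffie Hellman" and "Diffie-Hellman" within the same page and should be made consistent. In SEE ALSO, "ssh-keygen(1), sshd(8)," carries a trailing comma that makes the list look truncated.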