diff options
Diffstat (limited to 'moduli.5')
-rw-r--r-- | moduli.5 | 40 |
1 files changed, 19 insertions, 21 deletions
@@ -1,4 +1,4 @@ | |||
1 | .\" $OpenBSD: moduli.5,v 1.12 2008/06/26 05:57:54 djm Exp $ | 1 | .\" $OpenBSD: moduli.5,v 1.15 2010/10/14 20:41:28 jmc Exp $ |
2 | .\" | 2 | .\" |
3 | .\" Copyright (c) 2008 Damien Miller <djm@mindrot.org> | 3 | .\" Copyright (c) 2008 Damien Miller <djm@mindrot.org> |
4 | .\" | 4 | .\" |
@@ -13,16 +13,16 @@ | |||
13 | .\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | 13 | .\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN |
14 | .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | 14 | .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF |
15 | .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | 15 | .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
16 | .Dd $Mdocdate: June 26 2008 $ | 16 | .Dd $Mdocdate: October 14 2010 $ |
17 | .Dt MODULI 5 | 17 | .Dt MODULI 5 |
18 | .Os | 18 | .Os |
19 | .Sh NAME | 19 | .Sh NAME |
20 | .Nm moduli | 20 | .Nm moduli |
21 | .Nd Diffie Hellman moduli | 21 | .Nd Diffie-Hellman moduli |
22 | .Sh DESCRIPTION | 22 | .Sh DESCRIPTION |
23 | The | 23 | The |
24 | .Pa /etc/moduli | 24 | .Pa /etc/moduli |
25 | file contains prime numbers and generators for use by | 25 | file contains prime numbers and generators for use by |
26 | .Xr sshd 8 | 26 | .Xr sshd 8 |
27 | in the Diffie-Hellman Group Exchange key exchange method. | 27 | in the Diffie-Hellman Group Exchange key exchange method. |
28 | .Pp | 28 | .Pp |
@@ -31,24 +31,23 @@ New moduli may be generated with | |||
31 | using a two-step process. | 31 | using a two-step process. |
32 | An initial | 32 | An initial |
33 | .Em candidate generation | 33 | .Em candidate generation |
34 | pass, using | 34 | pass, using |
35 | .Ic ssh-keygen -G , | 35 | .Ic ssh-keygen -G , |
36 | calculates numbers that are likely to be useful. | 36 | calculates numbers that are likely to be useful. |
37 | A second | 37 | A second |
38 | .Em primality testing | 38 | .Em primality testing |
39 | pass, using | 39 | pass, using |
40 | .Ic ssh-keygen -T | 40 | .Ic ssh-keygen -T , |
41 | provides a high degree of assurance that the numbers are prime and are | 41 | provides a high degree of assurance that the numbers are prime and are |
42 | safe for use in Diffie Hellman operations by | 42 | safe for use in Diffie-Hellman operations by |
43 | .Xr sshd 8 . | 43 | .Xr sshd 8 . |
44 | This | 44 | This |
45 | .Nm | 45 | .Nm |
46 | format is used as the output from each pass. | 46 | format is used as the output from each pass. |
47 | .Pp | 47 | .Pp |
48 | The file consists of newline-separated records, one per modulus, | 48 | The file consists of newline-separated records, one per modulus, |
49 | containing seven space separated fields. | 49 | containing seven space-separated fields. |
50 | These fields are as follows: | 50 | These fields are as follows: |
51 | .Pp | ||
52 | .Bl -tag -width Description -offset indent | 51 | .Bl -tag -width Description -offset indent |
53 | .It timestamp | 52 | .It timestamp |
54 | The time that the modulus was last processed as YYYYMMDDHHMMSS. | 53 | The time that the modulus was last processed as YYYYMMDDHHMMSS. |
@@ -58,7 +57,7 @@ Supported types are: | |||
58 | .Pp | 57 | .Pp |
59 | .Bl -tag -width 0x00 -compact | 58 | .Bl -tag -width 0x00 -compact |
60 | .It 0 | 59 | .It 0 |
61 | Unknown, not tested | 60 | Unknown, not tested. |
62 | .It 2 | 61 | .It 2 |
63 | "Safe" prime; (p-1)/2 is also prime. | 62 | "Safe" prime; (p-1)/2 is also prime. |
64 | .It 4 | 63 | .It 4 |
@@ -68,7 +67,7 @@ Sophie Germain; (p+1)*2 is also prime. | |||
68 | Moduli candidates initially produced by | 67 | Moduli candidates initially produced by |
69 | .Xr ssh-keygen 1 | 68 | .Xr ssh-keygen 1 |
70 | are Sophie Germain primes (type 4). | 69 | are Sophie Germain primes (type 4). |
71 | Futher primality testing with | 70 | Further primality testing with |
72 | .Xr ssh-keygen 1 | 71 | .Xr ssh-keygen 1 |
73 | produces safe prime moduli (type 2) that are ready for use in | 72 | produces safe prime moduli (type 2) that are ready for use in |
74 | .Xr sshd 8 . | 73 | .Xr sshd 8 . |
@@ -79,13 +78,13 @@ has been subjected to represented as a bitmask of the following values: | |||
79 | .Pp | 78 | .Pp |
80 | .Bl -tag -width 0x00 -compact | 79 | .Bl -tag -width 0x00 -compact |
81 | .It 0x00 | 80 | .It 0x00 |
82 | Not tested | 81 | Not tested. |
83 | .It 0x01 | 82 | .It 0x01 |
84 | Composite number - not prime. | 83 | Composite number \(en not prime. |
85 | .It 0x02 | 84 | .It 0x02 |
86 | Sieve of Eratosthenes | 85 | Sieve of Eratosthenes. |
87 | .It 0x04 | 86 | .It 0x04 |
88 | Probabalistic Miller-Rabin primality tests. | 87 | Probabilistic Miller-Rabin primality tests. |
89 | .El | 88 | .El |
90 | .Pp | 89 | .Pp |
91 | The | 90 | The |
@@ -95,8 +94,8 @@ Subsequent | |||
95 | .Xr ssh-keygen 1 | 94 | .Xr ssh-keygen 1 |
96 | primality tests are Miller-Rabin tests (flag 0x04). | 95 | primality tests are Miller-Rabin tests (flag 0x04). |
97 | .It trials | 96 | .It trials |
98 | Decimal number indicating of primaility trials that have been performed | 97 | Decimal number indicating the number of primality trials |
99 | on the modulus. | 98 | that have been performed on the modulus. |
100 | .It size | 99 | .It size |
101 | Decimal number indicating the size of the prime in bits. | 100 | Decimal number indicating the size of the prime in bits. |
102 | .It generator | 101 | .It generator |
@@ -105,18 +104,17 @@ The recommended generator for use with this modulus (hexadecimal). | |||
105 | The modulus itself in hexadecimal. | 104 | The modulus itself in hexadecimal. |
106 | .El | 105 | .El |
107 | .Pp | 106 | .Pp |
108 | When performing Diffie Hellman Group Exchange, | 107 | When performing Diffie-Hellman Group Exchange, |
109 | .Xr sshd 8 | 108 | .Xr sshd 8 |
110 | first estimates the size of the modulus required to produce enough | 109 | first estimates the size of the modulus required to produce enough |
111 | Diffie Hellman output to sufficiently key the selected symmetric cipher. | 110 | Diffie-Hellman output to sufficiently key the selected symmetric cipher. |
112 | .Xr sshd 8 | 111 | .Xr sshd 8 |
113 | then randomly selects a modulus from | 112 | then randomly selects a modulus from |
114 | .Fa /etc/moduli | 113 | .Fa /etc/moduli |
115 | that best meets the size requirement. | 114 | that best meets the size requirement. |
116 | .Pp | ||
117 | .Sh SEE ALSO | 115 | .Sh SEE ALSO |
118 | .Xr ssh-keygen 1 , | 116 | .Xr ssh-keygen 1 , |
119 | .Xr sshd 8 , | 117 | .Xr sshd 8 |
120 | .Rs | 118 | .Rs |
121 | .%R RFC 4419 | 119 | .%R RFC 4419 |
122 | .%T "Diffie-Hellman Group Exchange for the Secure Shell (SSH) Transport Layer Protocol" | 120 | .%T "Diffie-Hellman Group Exchange for the Secure Shell (SSH) Transport Layer Protocol" |