summaryrefslogtreecommitdiff
path: root/moduli.5
diff options
context:
space:
mode:
Diffstat (limited to 'moduli.5')
-rw-r--r--moduli.540
1 files changed, 19 insertions, 21 deletions
diff --git a/moduli.5 b/moduli.5
index 4a99439cc..0e01b9414 100644
--- a/moduli.5
+++ b/moduli.5
@@ -1,4 +1,4 @@
1.\" $OpenBSD: moduli.5,v 1.12 2008/06/26 05:57:54 djm Exp $ 1.\" $OpenBSD: moduli.5,v 1.15 2010/10/14 20:41:28 jmc Exp $
2.\" 2.\"
3.\" Copyright (c) 2008 Damien Miller <djm@mindrot.org> 3.\" Copyright (c) 2008 Damien Miller <djm@mindrot.org>
4.\" 4.\"
@@ -13,16 +13,16 @@
13.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 13.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16.Dd $Mdocdate: June 26 2008 $ 16.Dd $Mdocdate: October 14 2010 $
17.Dt MODULI 5 17.Dt MODULI 5
18.Os 18.Os
19.Sh NAME 19.Sh NAME
20.Nm moduli 20.Nm moduli
21.Nd Diffie Hellman moduli 21.Nd Diffie-Hellman moduli
22.Sh DESCRIPTION 22.Sh DESCRIPTION
23The 23The
24.Pa /etc/moduli 24.Pa /etc/moduli
25file contains prime numbers and generators for use by 25file contains prime numbers and generators for use by
26.Xr sshd 8 26.Xr sshd 8
27in the Diffie-Hellman Group Exchange key exchange method. 27in the Diffie-Hellman Group Exchange key exchange method.
28.Pp 28.Pp
@@ -31,24 +31,23 @@ New moduli may be generated with
31using a two-step process. 31using a two-step process.
32An initial 32An initial
33.Em candidate generation 33.Em candidate generation
34pass, using 34pass, using
35.Ic ssh-keygen -G , 35.Ic ssh-keygen -G ,
36calculates numbers that are likely to be useful. 36calculates numbers that are likely to be useful.
37A second 37A second
38.Em primality testing 38.Em primality testing
39pass, using 39pass, using
40.Ic ssh-keygen -T 40.Ic ssh-keygen -T ,
41provides a high degree of assurance that the numbers are prime and are 41provides a high degree of assurance that the numbers are prime and are
42safe for use in Diffie Hellman operations by 42safe for use in Diffie-Hellman operations by
43.Xr sshd 8 . 43.Xr sshd 8 .
44This 44This
45.Nm 45.Nm
46format is used as the output from each pass. 46format is used as the output from each pass.
47.Pp 47.Pp
48The file consists of newline-separated records, one per modulus, 48The file consists of newline-separated records, one per modulus,
49containing seven space separated fields. 49containing seven space-separated fields.
50These fields are as follows: 50These fields are as follows:
51.Pp
52.Bl -tag -width Description -offset indent 51.Bl -tag -width Description -offset indent
53.It timestamp 52.It timestamp
54The time that the modulus was last processed as YYYYMMDDHHMMSS. 53The time that the modulus was last processed as YYYYMMDDHHMMSS.
@@ -58,7 +57,7 @@ Supported types are:
58.Pp 57.Pp
59.Bl -tag -width 0x00 -compact 58.Bl -tag -width 0x00 -compact
60.It 0 59.It 0
61Unknown, not tested 60Unknown, not tested.
62.It 2 61.It 2
63"Safe" prime; (p-1)/2 is also prime. 62"Safe" prime; (p-1)/2 is also prime.
64.It 4 63.It 4
@@ -68,7 +67,7 @@ Sophie Germain; (p+1)*2 is also prime.
68Moduli candidates initially produced by 67Moduli candidates initially produced by
69.Xr ssh-keygen 1 68.Xr ssh-keygen 1
70are Sophie Germain primes (type 4). 69are Sophie Germain primes (type 4).
71Futher primality testing with 70Further primality testing with
72.Xr ssh-keygen 1 71.Xr ssh-keygen 1
73produces safe prime moduli (type 2) that are ready for use in 72produces safe prime moduli (type 2) that are ready for use in
74.Xr sshd 8 . 73.Xr sshd 8 .
@@ -79,13 +78,13 @@ has been subjected to represented as a bitmask of the following values:
79.Pp 78.Pp
80.Bl -tag -width 0x00 -compact 79.Bl -tag -width 0x00 -compact
81.It 0x00 80.It 0x00
82Not tested 81Not tested.
83.It 0x01 82.It 0x01
84Composite number - not prime. 83Composite number \(en not prime.
85.It 0x02 84.It 0x02
86Sieve of Eratosthenes 85Sieve of Eratosthenes.
87.It 0x04 86.It 0x04
88Probabalistic Miller-Rabin primality tests. 87Probabilistic Miller-Rabin primality tests.
89.El 88.El
90.Pp 89.Pp
91The 90The
@@ -95,8 +94,8 @@ Subsequent
95.Xr ssh-keygen 1 94.Xr ssh-keygen 1
96primality tests are Miller-Rabin tests (flag 0x04). 95primality tests are Miller-Rabin tests (flag 0x04).
97.It trials 96.It trials
98Decimal number indicating of primaility trials that have been performed 97Decimal number indicating the number of primality trials
99on the modulus. 98that have been performed on the modulus.
100.It size 99.It size
101Decimal number indicating the size of the prime in bits. 100Decimal number indicating the size of the prime in bits.
102.It generator 101.It generator
@@ -105,18 +104,17 @@ The recommended generator for use with this modulus (hexadecimal).
105The modulus itself in hexadecimal. 104The modulus itself in hexadecimal.
106.El 105.El
107.Pp 106.Pp
108When performing Diffie Hellman Group Exchange, 107When performing Diffie-Hellman Group Exchange,
109.Xr sshd 8 108.Xr sshd 8
110first estimates the size of the modulus required to produce enough 109first estimates the size of the modulus required to produce enough
111Diffie Hellman output to sufficiently key the selected symmetric cipher. 110Diffie-Hellman output to sufficiently key the selected symmetric cipher.
112.Xr sshd 8 111.Xr sshd 8
113then randomly selects a modulus from 112then randomly selects a modulus from
114.Fa /etc/moduli 113.Fa /etc/moduli
115that best meets the size requirement. 114that best meets the size requirement.
116.Pp
117.Sh SEE ALSO 115.Sh SEE ALSO
118.Xr ssh-keygen 1 , 116.Xr ssh-keygen 1 ,
119.Xr sshd 8 , 117.Xr sshd 8
120.Rs 118.Rs
121.%R RFC 4419 119.%R RFC 4419
122.%T "Diffie-Hellman Group Exchange for the Secure Shell (SSH) Transport Layer Protocol" 120.%T "Diffie-Hellman Group Exchange for the Secure Shell (SSH) Transport Layer Protocol"