moduli.0 revision 214979
MODULI(5)                 OpenBSD Programmer's Manual                MODULI(5)

NAME
     moduli - Diffie-Hellman moduli

DESCRIPTION
     The /etc/moduli file contains prime numbers and generators for use by
     sshd(8) in the Diffie-Hellman Group Exchange key exchange method.

     New moduli may be generated with ssh-keygen(1) using a two-step process.
     An initial candidate generation pass, using ssh-keygen -G, calculates
     numbers that are likely to be useful.  A second primality testing pass,
     using ssh-keygen -T, provides a high degree of assurance that the numbers
     are prime and are safe for use in Diffie-Hellman operations by sshd(8).
     This moduli format is used as the output from each pass.

     The file consists of newline-separated records, one per modulus,
     containing seven space-separated fields.  These fields are as follows:

           timestamp    The time that the modulus was last processed as
                        YYYYMMDDHHMMSS.

           type         Decimal number specifying the internal structure of
                        the prime modulus.  Supported types are:

                        0     Unknown, not tested
                        2     "Safe" prime; (p-1)/2 is also prime.
                        4     Sophie Germain; (p+1)*2 is also prime.

                        Moduli candidates initially produced by ssh-keygen(1)
                        are Sophie Germain primes (type 4).  Further primality
                        testing with ssh-keygen(1) produces safe prime moduli
                        (type 2) that are ready for use in sshd(8).  Other
                        types are not used by OpenSSH.

           tests        Decimal number indicating the type of primality tests
                        that the number has been subjected to, represented as
                        a bitmask of the following values:

                        0x00  Not tested
                        0x01  Composite number - not prime.
                        0x02  Sieve of Eratosthenes
                        0x04  Probabilistic Miller-Rabin primality tests.

                        The ssh-keygen(1) moduli candidate generation uses the
                        Sieve of Eratosthenes (flag 0x02).  Subsequent
                        ssh-keygen(1) primality tests are Miller-Rabin tests
                        (flag 0x04).

           trials       Decimal number indicating the number of primality
                        trials that have been performed on the modulus.

           size         Decimal number indicating the size of the prime in
                        bits.

           generator    The recommended generator for use with this modulus
                        (hexadecimal).

           modulus      The modulus itself in hexadecimal.

     When performing Diffie-Hellman Group Exchange, sshd(8) first estimates
     the size of the modulus required to produce enough Diffie-Hellman output
     to sufficiently key the selected symmetric cipher.  sshd(8) then randomly
     selects a modulus from /etc/moduli that best meets the size requirement.

SEE ALSO
     ssh-keygen(1), sshd(8)

     Diffie-Hellman Group Exchange for the Secure Shell (SSH) Transport Layer
     Protocol, RFC 4419, 2006.

OpenBSD 4.8                      June 26, 2008                     OpenBSD 4.8
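
EXAMPLES
     The seven-field record format from DESCRIPTION can be checked
     mechanically before a moduli file is installed.  The Python below is an
     added example, not part of OpenSSH or of the original manual page; the
     function names, the min_size policy parameter and the toy-sized sample
     records are assumptions made for illustration.

```python
BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)

def is_probable_prime(n):
    """Miller-Rabin over fixed bases: a quick recheck, not a substitute for ssh-keygen -T."""
    if n < 2:
        return False
    for b in BASES:
        if n % b == 0:
            return n == b
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for a in BASES:
        x = pow(a, d, n)
        # Composite witness: x is not +-1 and no repeated squaring reaches n-1.
        if x not in (1, n - 1) and all((x := pow(x, 2, n)) != n - 1 for _ in range(s - 1)):
            return False
    return True

def parse_record(line):
    """Decode one record: fields 2-5 are decimal, generator and modulus are hex."""
    f = line.split()
    if len(f) != 7:
        raise ValueError("expected 7 space-separated fields, got %d" % len(f))
    keys = ("timestamp", "type", "tests", "trials", "size", "generator", "modulus")
    return dict(zip(keys, [f[0], *map(int, f[1:5]), int(f[5], 16), int(f[6], 16)]))

def problems(rec, min_size):
    """Reasons a record is not ready for sshd; min_size is a local policy value (assumption)."""
    p = rec["modulus"]
    checks = [
        (rec["type"] != 2, "type is not 2 (safe prime)"),
        (rec["tests"] & 0x01, "flagged composite (0x01)"),
        (not rec["tests"] & 0x04, "no Miller-Rabin pass recorded (0x04)"),
        (rec["size"] < min_size, "size below min_size"),
        (not (is_probable_prime(p) and is_probable_prime((p - 1) // 2)), "fails safe-prime recheck"),
    ]
    return [msg for failed, msg in checks if failed]

def audit(text, min_size):
    """Map line number -> list of problems, for every record that has any."""
    found = {n: problems(parse_record(l), min_size)
             for n, l in enumerate(text.splitlines(), 1) if l.strip()}
    return {n: p for n, p in found.items() if p}

# Constructed sample records with toy 10-bit and 5-bit moduli (not from any real moduli file).
SAMPLE = """20080626000000 2 6 100 10 2 3FB
20080626000000 4 2 0 10 2 3FB
20080626000000 2 7 100 5 2 1D"""
```

     Calling audit(SAMPLE, min_size=10) reports the untested type 4 candidate
     on line 2 and the record on line 3 whose modulus is not a safe prime.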