MirBSD manpage: moduli(5)

MODULI(5)                    BSD Reference Manual                    MODULI(5)

NAME

     moduli - system moduli file

DESCRIPTION

     The /etc/moduli file contains the system-wide Diffie-Hellman prime moduli
     for sshd(8).

     Each line in this file contains the following fields: Time, Type, Tests,
     Tries, Size, Generator, Modulus. The fields are separated by white space
     (tab or blank).

     Time: yyyymmddhhmmss. Specifies the system time that the line was append-
     ed to the file. The value 00000000000000 means unknown (historic).

     Type: decimal. Specifies the internal structure of the prime modulus.

           0:      unknown; often learned from peer during protocol operation,
                   and saved for later analysis.
           1:      unstructured; a common large number.
           2:      safe (p = 2q + 1); meets basic structural requirements.
           3:      Schnorr.
           4:      Sophie-Germain (q = (p-1)/2); usually generated in the pro-
                   cess of testing safe or strong primes.
           5:      strong; useful for RSA public key generation.

     Tests: decimal (bit field). Specifies the methods used in checking for
     primality. Usually, more than one test is used.

           0:      not tested; often learned from peer during protocol opera-
                   tion, and saved for later analysis.
           1:      composite; failed one or more tests. In this case, the
                   highest bit specifies the test that failed.
           2:      sieve; checked for division by a range of smaller primes.
           4:      Miller-Rabin.
           8:      Jacobi.
           16:     Elliptic Curve.

     Tries: decimal. Depends on the value of the highest valid Test bit, where
     the method specified is:

           0:      not tested (always zero).
           1:      composite (irrelevant).
           2:      sieve; number of primes sieved. Commonly on the order of
                   32,000,000.
           4:      Miller-Rabin; number of M-R iterations. Commonly on the
                   order of 32 to 64.
           8:      Jacobi; unknown (always zero).
           16:     Elliptic Curve; unused (always zero).

     Size: decimal. Specifies the number of the most significant bit (0 to M).

     Generator: hex string. Specifies the best generator for a Diffie-Hellman
     exchange. 0 = unknown or variable, 2, 3, 5, etc.

     Modulus: hex string. The prime modulus.

     The file is searched for moduli that meet the appropriate Time, Size and
     Generator criteria. When more than one meet the criteria, the selection
     should be weighted toward newer moduli, without completely disqualifying
     older moduli.

     New moduli may be generated using the ssh-keygen(1) tool.

FILES

     /etc/moduli

SEE ALSO

     ssh-keygen(1), sshd(8)

MirBSD #10-current              July 28, 1997                                1

Generated on 2022-12-24 01:00:14 by $MirOS: src/scripts/roff2htm,v 1.113 2022/12/21 23:14:31 tg Exp $ — This product includes material provided by mirabilos.

These manual pages and other documentation are copyrighted by their respective writers; their sources are available at the project’s CVSweb, AnonCVS and other mirrors. The rest is Copyright © 2002–2022 MirBSD.

This manual page’s HTML representation is supposed to be valid XHTML/1.1; if not, please send a bug report — diffs preferred.

Kontakt / Impressum & Datenschutzerklärung