Skip site navigation (1)Skip section navigation (2)

FreeBSD Man Pages

Man Page or Keyword Search:
Man Architecture
Apropos Keyword Search (all sections) Output format
home | help
MODULI(5)                 FreeBSD File Formats Manual                MODULI(5)

NAME
     moduli - system moduli file

DESCRIPTION
     The moduli file contains the system-wide Diffie-Hellman prime moduli for
     the photurisd(8) and sshd(8) programs.

     Each line in this file contains the following fields: Time, Type, Tests,
     Tries, Size, Generator, and Modulus.  The fields are separated by white
     space (tab or blank).

     Time (yyyymmddhhmmss)
             Specifies the system time that the line was appended to the file.
             The value 00000000000000 means unknown (historic).

     Type (decimal)
             Specifies the internal structure of the prime modulus.

             0       unknown; often learned from peer during protocol
                     operation, and saved for later analysis.
             1       unstructured; a common large number.
             2       safe (p = 2q + 1); meets basic structural requirements.
             3       Schnorr.
             4       Sophie-Germaine (q = (p-1)/2); usually generated in the
                     process of testing safe or strong primes.
             5       strong; useful for RSA public key generation.

     Tests (decimal) (bit field)
             Specifies the methods used in checking for primality.  Usually,
             more than one test is used.

             0       not tested; often learned from peer during protocol
                     operation, and saved for later analysis.
             1       composite; failed one or more tests.  In this case, the
                     highest bit specifies the test that failed.
             2       sieve; checked for division by a range of smaller primes.
             4       Miller-Rabin.
             8       Jacobi.
             16      Elliptic Curve.

     Tries (decimal)
             Depends on the value of the highest valid Test bit, where the
             method specified is:

             0       not tested (always zero).
             1       composite (irrelevant).
             2       sieve; number of primes sieved.  Commonly on the order of
                     32,000,000.
             4       Miller-Rabin; number of M-R iterations.  Commonly on the
                     order of 32 to 64.
             8       Jacobi; unknown (always zero).
             16      Elliptic Curve; unused (always zero).

     Size (decimal)
             Specifies the number of significant bits.

     Generator (hex string)
             Specifies the best generator for a Diffie-Hellman exchange.  0 =
             unknown or variable, 2, 3, 5, etc.

     Modulus (hex string)
             The prime modulus.

     The file is searched for moduli that meet the appropriate Time, Size and
     Generator criteria.  When more than one meet the criteria, the selection
     should be weighted toward newer moduli, without completely disqualifying
     older moduli.

FILES
     /etc/ssh/moduli

SEE ALSO
     photurisd(8), sshd(8)

FreeBSD 11.0-PRERELEASE          July 28, 1997         FreeBSD 11.0-PRERELEASE

NAME | DESCRIPTION | FILES | SEE ALSO

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=moduli&sektion=5&manpath=FreeBSD+5.2.1-RELEASE>

home | help