
FreeBSD Manual Pages


MODULI(5)		      File Formats Manual		     MODULI(5)

       moduli -	Diffie-Hellman moduli

       The /usr/local/etc/ssh/moduli file contains prime numbers and
       generators for use by sshd(8) in the Diffie-Hellman Group Exchange key
       exchange method.

       New moduli may be generated with ssh-keygen(1) using a two-step
       process.  An initial candidate generation pass, using ssh-keygen -G,
       calculates numbers that are likely to be useful.  A second primality
       testing pass, using ssh-keygen -T, provides a high degree of assurance
       that the numbers are prime and are safe for use in Diffie-Hellman
       operations by sshd(8).  This moduli format is used as the output from
       each pass.

       The  file  consists of newline-separated	records, one per modulus, con-
       taining seven space-separated fields.  These fields are as follows:

       timestamp
              The time that the modulus was last processed as YYYYMMDDHHMMSS.

       type   Decimal number specifying the internal structure of the prime
              modulus.  Supported types are:

              0      Unknown, not tested.

              2      "Safe" prime; (p-1)/2 is also prime.

              4      Sophie Germain; 2p+1 is also prime.

              Moduli candidates initially produced by ssh-keygen(1) are Sophie
              Germain primes (type 4).  Further primality testing with
              ssh-keygen(1) produces safe prime moduli (type 2) that are ready
              for use in sshd(8).  Other types are not used by OpenSSH.

       tests  Decimal number indicating the type of primality tests that the
              number has been subjected to, represented as a bitmask of the
              following values:

              0x00   Not tested.

              0x01   Composite number - not prime.

              0x02   Sieve of Eratosthenes.

              0x04   Probabilistic Miller-Rabin primality tests.

              The ssh-keygen(1) moduli candidate generation uses the Sieve of
              Eratosthenes (flag 0x02).  Subsequent ssh-keygen(1) primality
              tests are Miller-Rabin tests (flag 0x04).

       trials Decimal number indicating the number of primality trials that
              have been performed on the modulus.

       size   Decimal number indicating the size of the prime in bits.

       generator
              The recommended generator for use with this modulus (hexadeci-

       modulus
              The modulus itself in hexadecimal.
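
An added example, not part of the manual page or of OpenSSH: a Python parser for the seven-field record described above that reports entries which are not tested safe primes (type 2 with the Miller-Rabin flag set). Skipping blank and '#' lines is an assumption, and the sample records are constructed with shortened moduli.

```python
from collections import namedtuple
from datetime import datetime

COMPOSITE, MILLER_RABIN, SAFE_PRIME = 0x01, 0x04, 2  # tests bits 0x01/0x04; type 2
Record = namedtuple("Record", "timestamp type tests trials size generator modulus")

def parse_line(line):
    """Parse one seven-field record; raise ValueError if it is malformed."""
    fields = line.split()
    if len(fields) != 7:
        raise ValueError(f"expected 7 fields, got {len(fields)}")
    ts, typ, tests, trials, size, gen, mod = fields
    return Record(datetime.strptime(ts, "%Y%m%d%H%M%S"), int(typ), int(tests),
                  int(trials), int(size), int(gen, 16), int(mod, 16))

def problems(rec):
    """List the reasons a record is not a tested safe prime (type 2)."""
    out = []
    if rec.type != SAFE_PRIME:
        out.append(f"type {rec.type} is not a safe prime")
    if rec.tests & COMPOSITE:
        out.append("flagged composite")
    if not rec.tests & MILLER_RABIN:
        out.append("no Miller-Rabin test recorded")
    if rec.trials == 0:
        out.append("zero primality trials")
    return out

def audit(text):
    """Return {line number: [problems]} for every record that has any."""
    report = {}
    for n, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.lstrip().startswith("#"):
            continue  # assumption: blank lines and '#' comments are skipped
        try:
            issues = problems(parse_line(line))
        except ValueError as exc:
            issues = [f"malformed: {exc}"]
        if issues:
            report[n] = issues
    return report

SAMPLE = """\
# constructed sample; real moduli are hundreds of hex digits long
20120926000000 2 6 100 2047 2 F7E75FDC469067FF
20120926000000 4 2 0 2047 2 E3B0C44298FC1C15
20120926000000 2 7 100 3071 5 D1A5F3C7
20120926000000 2 6 100 4095 2
"""
```

Calling audit() on the contents of a moduli file returns an empty dict when every record is a Miller-Rabin-tested safe prime.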

       When performing Diffie-Hellman Group Exchange, sshd(8) first estimates
       the size of the modulus required to produce enough Diffie-Hellman
       output to sufficiently key the selected symmetric cipher.  sshd(8)
       then randomly selects a modulus from /usr/local/etc/ssh/moduli that
       best meets the size re-
       ssh-keygen(1), sshd(8)

       W.  Simpson, N. Provos and M. Friedl, Diffie-Hellman Group Exchange for
       the Secure Shell	(SSH) Transport	Layer Protocol,	RFC 4419, 2006.

			      September	26 2012			     MODULI(5)

