MODULI(5)

NAME

     moduli - system moduli file

DESCRIPTION

     The /etc/moduli file contains the system-wide Diffie-Hellman prime
     moduli for sshd(8).

     Each line in this file contains the following fields: Time, Type,
     Tests, Tries, Size, Generator, Modulus.  The fields are separated by
     white space (tab or blank).

     Time: yyyymmddhhmmss.  Specifies the system time that the line was
     appended to the file.  The value 00000000000000 means unknown
     (historic).

     Type: decimal.  Specifies the internal structure of the prime modulus.

           0:      unknown; often learned from peer during protocol operation,
                   and saved for later analysis.
           1:      unstructured; a common large number.
           2:      safe (p = 2q + 1); meets basic structural requirements.
           3:      Schnorr.
           4:      Sophie Germain (q = (p-1)/2); usually generated in the
                   process of testing safe or strong primes.
           5:      strong; useful for RSA public key generation.

     Tests: decimal (bit field).  Specifies the methods used in checking
     for primality.  Usually, more than one test is used.

           0:      not tested; often learned from peer during protocol
                   operation, and saved for later analysis.
           1:      composite; failed one or more tests.  In this case, the
                   highest bit specifies the test that failed.
           2:      sieve; checked for division by a range of smaller primes.
           4:      Miller-Rabin.
           8:      Jacobi.
           16:     Elliptic Curve.

     Tries: decimal.  Depends on the value of the highest valid Test bit,
     where the method specified is:

           0:      not tested (always zero).
           1:      composite (irrelevant).
           2:      sieve; number of primes sieved.  Commonly on the order of
                   32,000,000.
           4:      Miller-Rabin; number of M-R iterations.  Commonly on the
                   order of 32 to 64.
           8:      Jacobi; unknown (always zero).
           16:     Elliptic Curve; unused (always zero).

     Size: decimal.  Specifies the number of the most significant bit
     (0 to M).

     Generator: hex string.  Specifies the best generator for a
     Diffie-Hellman exchange.  0 = unknown or variable, 2, 3, 5, etc.

     Modulus: hex string.  The prime modulus.

     The file is searched for moduli that meet the appropriate Time, Size
     and Generator criteria.  When more than one meets the criteria, the
     selection should be weighted toward newer moduli, without completely
     disqualifying older moduli.
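
     The following is an added example, not part of the original manual
     page or of OpenSSH: a Python parser for lines in the format described
     above, with an audit of each entry's declared fields.  The policy it
     applies (Type 2, Miller-Rabin recorded, at least min_bits long), the
     treatment of '#' lines as comments, and all names are assumptions;
     the sample lines are constructed toy values.

```python
from collections import namedtuple

# Tests bit values as listed in moduli(5).
TEST_BITS = {1: "composite", 2: "sieve", 4: "Miller-Rabin", 8: "Jacobi", 16: "Elliptic Curve"}
Entry = namedtuple("Entry", "time type tests tries size generator modulus")

def parse_line(line):
    """Parse one moduli line; blank and '#' lines (assumed comments) give None."""
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    f = line.split()  # fields are separated by tabs or blanks
    if len(f) != 7:
        raise ValueError("expected 7 fields, got %d" % len(f))
    # Type, Tests, Tries and Size are decimal; Generator and Modulus are hex.
    return Entry(f[0], *map(int, f[1:5]), int(f[5], 16), int(f[6], 16))

def decode_tests(tests):
    """Decode the Tests bit field into the method names it records."""
    return [name for bit, name in TEST_BITS.items() if tests & bit]

def audit(e, min_bits):
    """Return findings for one entry; min_bits is a local policy value (assumption)."""
    findings = []
    if e.tests == 0:
        findings.append("not tested")
    elif e.tests & 1:
        findings.append("marked composite")
    elif not e.tests & 4:
        findings.append("no Miller-Rabin test recorded")
    if e.type != 2:
        findings.append("Type %d is not a safe prime (2)" % e.type)
    # Size is the index of the most significant bit, so length is Size + 1.
    if e.modulus.bit_length() != e.size + 1:
        findings.append("Size does not match modulus length")
    if e.size + 1 < min_bits:
        findings.append("modulus shorter than %d bits" % min_bits)
    return findings

# Constructed, toy-sized sample lines (not real sshd moduli).
SAMPLE = """\
# Time Type Tests Tries Size Generator Modulus
20040101000000 2 6 100 4 2 17
00000000000000 0 0 0 4 0 15
20040101000000 2 5 0 5 2 17
"""

def audit_text(text, min_bits):
    """Audit every entry in text; one findings list per entry, in file order."""
    return [audit(e, min_bits) for e in map(parse_line, text.splitlines()) if e is not None]
```

     The audit checks only what each line declares about itself; it does
     not re-run any primality test on the modulus.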

FILES

     /etc/moduli

SEE ALSO

     sshd(8)

OpenBSD 3.6                           July 28, 1997