xref: /freebsd/share/man/man5/moduli.5 (revision e4731543e7d8753cc334c25c0d7503bc4e3b1b15)

.\" $OpenBSD: moduli.5,v 1.3 2001/06/24 18:50:52 provos Exp $
.\"
.\" Copyright 1997, 2000 William Allen Simpson <wsimpson@greendragon.com>
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\" 3. All advertising materials mentioning features or use of this software
.\"    must display the following acknowledgement:
.\"      This product includes software designed by William Allen Simpson.
.\" 4. The name of the author may not be used to endorse or promote products
.\"    derived from this software without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" $FreeBSD$
.\"
.Dd July 28, 1997
.Dt MODULI 5
.Os
.Sh NAME
.Nm moduli
.Nd system moduli file
.Sh DESCRIPTION
The
.Nm
file contains the system-wide Diffie-Hellman prime moduli for the
.Xr photurisd 8
and
.Xr sshd 8
programs.
.Pp
Each line in this file contains the following fields:
.Va Time , Type , Tests , Tries , Size , Generator ,
and
.Va Modulus .
The fields are separated by white space (tab or blank).
.Bl -tag -width indent
.It Va Time Pq Vt yyyymmddhhmmss
Specifies the system time that the line was appended to the file.
The value 00000000000000 means unknown (historic).
.\"The file is sorted in ascending order.
.It Va Type Pq Vt decimal
Specifies the internal structure of the prime modulus.
.Pp
.Bl -tag -width indent -compact
.It 0
unknown;
often learned from peer during protocol operation,
and saved for later analysis.
.It 1
unstructured;
a common large number.
.It 2
safe (p = 2q + 1);
meets basic structural requirements.
.It 3
Schnorr.
.It 4
Sophie-Germaine (q = (p-1)/2);
usually generated in the process of testing safe or strong primes.
.It 5
strong;
useful for RSA public key generation.
.El
.It Xo
.Va Tests Pq Vt decimal
(bit field)
.Xc
Specifies the methods used in checking for primality.
Usually, more than one test is used.
.Pp
.Bl -tag -width indent -compact
.It 0
not tested;
often learned from peer during protocol operation,
and saved for later analysis.
.It 1
composite;
failed one or more tests.
In this case, the highest bit specifies the test that failed.
.It 2
sieve;
checked for division by a range of smaller primes.
.It 4
Miller-Rabin.
.It 8
Jacobi.
.It 16
Elliptic Curve.
.El
.It Va Tries Pq Vt decimal
Depends on the value of the highest valid Test bit,
where the method specified is:
.Pp
.Bl -tag -width indent -compact
.It 0
not tested
(always zero).
.It 1
composite
(irrelevant).
.It 2
sieve;
number of primes sieved.
Commonly on the order of 32,000,000.
.It 4
Miller-Rabin;
number of M-R iterations.
Commonly on the order of 32 to 64.
.It 8
Jacobi;
unknown
(always zero).
.It 16
Elliptic Curve;
unused
(always zero).
.El
.It Va Size Pq Vt decimal
Specifies the number of significant bits.
.It Va Generator Pq Vt "hex string"
Specifies the best generator for a Diffie-Hellman exchange.
0 = unknown or variable,
2, 3, 5, etc.
.It Va Modulus Pq Vt "hex string"
The prime modulus.
.El
.Pp
The file is searched for moduli that meet the appropriate
.Va Time , Size
and
.Va Generator
criteria.
When more than one meet the criteria,
the selection should be weighted toward newer moduli,
without completely disqualifying older moduli.
.Sh FILES
.Bl -tag -width ".Pa /etc/ssh/moduli" -compact
.It Pa /etc/ssh/moduli
.El
.Sh SEE ALSO
.Xr photurisd 8 ,
.Xr sshd 8