|MODULI(5)||File Formats Manual||MODULI(5)|
New moduli may be generated with
ssh-keygen(1) using a two-step
process. An initial candidate generation pass, using
ssh-keygen -G, calculates numbers that are likely to
be useful. A second primality testing pass, using
ssh-keygen -T, provides a high degree of assurance
that the numbers are prime and are safe for use in Diffie-Hellman operations
by sshd(8). This
moduli format is used as the output from each
The file consists of newline-separated records, one per modulus, containing seven space-separated fields. These fields are as follows:
Moduli candidates initially produced by ssh-keygen(1) are Sophie Germain primes (type 4). Further primality testing with ssh-keygen(1) produces safe prime moduli (type 2) that are ready for use in sshd(8). Other types are not used by OpenSSH.
When performing Diffie-Hellman Group Exchange, sshd(8) first estimates the size of the modulus required to produce enough Diffie-Hellman output to sufficiently key the selected symmetric cipher. sshd(8) then randomly selects a modulus from /etc/moduli that best meets the size requirement.ssh-keygen(1), sshd(8) M. Friedl, N. Provos, and W. Simpson, Diffie-Hellman Group Exchange for the Secure Shell (SSH) Transport Layer Protocol, RFC 4419, March 2006.
|November 19, 2014||OpenBSD-current|