- (dtucker) OpenBSD CVS Sync

- jmc@cvs.openbsd.org 2008/06/26 06:59:39 [moduli.5] tweak previous;
2011-08-07 23:09:20 +10:00 · 2011-08-07 23:09:20 +10:00 · 578451ddda
parent 765f8c4eff
commit 578451ddda
2 changed files with 19 additions and 15 deletions
--- a/6
+++ b/6
@ -1,3 +1,9 @@
+20110807
+ - (dtucker) OpenBSD CVS Sync
+   - jmc@cvs.openbsd.org 2008/06/26 06:59:39
+     [moduli.5]
+     tweak previous;
+
 20110805
 - OpenBSD CVS Sync
   - djm@cvs.openbsd.org 2011/06/23 23:35:42
--- a/moduli.5
+++ b/moduli.5
@ -1,4 +1,4 @@
-.\"	$OpenBSD: moduli.5,v 1.12 2008/06/26 05:57:54 djm Exp $
+.\"	$OpenBSD: moduli.5,v 1.13 2008/06/26 06:59:39 jmc Exp $
 .\"
 .\" Copyright (c) 2008 Damien Miller <djm@mindrot.org>
 .\"
@ -22,7 +22,7 @@
 .Sh DESCRIPTION
 The
 .Pa /etc/moduli
-file contains prime numbers and generators for use by 
+file contains prime numbers and generators for use by
 .Xr sshd 8
 in the Diffie-Hellman Group Exchange key exchange method.
 .Pp
@ -31,13 +31,13 @@ New moduli may be generated with
 using a two-step process.
 An initial
 .Em candidate generation
-pass, using 
+pass, using
 .Ic ssh-keygen -G ,
 calculates numbers that are likely to be useful.
 A second
 .Em primality testing
 pass, using
-.Ic ssh-keygen -T
+.Ic ssh-keygen -T ,
 provides a high degree of assurance that the numbers are prime and are
 safe for use in Diffie Hellman operations by
 .Xr sshd 8 .
@ -46,9 +46,8 @@ This
 format is used as the output from each pass.
 .Pp
 The file consists of newline-separated records, one per modulus,
-containing seven space separated fields.
+containing seven space-separated fields.
 These fields are as follows:
-.Pp
 .Bl -tag -width Description -offset indent
 .It timestamp
 The time that the modulus was last processed as YYYYMMDDHHMMSS.
@ -58,7 +57,7 @@ Supported types are:
 .Pp
 .Bl -tag -width 0x00 -compact
 .It 0
-Unknown, not tested
+Unknown, not tested.
 .It 2
 "Safe" prime; (p-1)/2 is also prime.
 .It 4
@ -68,7 +67,7 @@ Sophie Germain; (p+1)*2 is also prime.
 Moduli candidates initially produced by
 .Xr ssh-keygen 1
 are Sophie Germain primes (type 4).
-Futher primality testing with
+Further primality testing with
 .Xr ssh-keygen 1
 produces safe prime moduli (type 2) that are ready for use in
 .Xr sshd 8 .
@ -79,11 +78,11 @@ has been subjected to represented as a bitmask of the following values:
 .Pp
 .Bl -tag -width 0x00 -compact
 .It 0x00
-Not tested
+Not tested.
 .It 0x01
-Composite number - not prime.
+Composite number \(en not prime.
 .It 0x02
-Sieve of Eratosthenes
+Sieve of Eratosthenes.
 .It 0x04
 Probabalistic Miller-Rabin primality tests.
 .El
@ -95,8 +94,8 @@ Subsequent
 .Xr ssh-keygen 1
 primality tests are Miller-Rabin tests (flag 0x04).
 .It trials
-Decimal number indicating of primaility trials that have been performed
-on the modulus.
+Decimal number indicating the number of primality trials
+that have been performed on the modulus.
 .It size
 Decimal number indicating the size of the prime in bits.
 .It generator
@ -113,10 +112,9 @@ Diffie Hellman output to sufficiently key the selected symmetric cipher.
 then randomly selects a modulus from
 .Fa /etc/moduli
 that best meets the size requirement.
-.Pp
 .Sh SEE ALSO
 .Xr ssh-keygen 1 ,
-.Xr sshd 8 ,
+.Xr sshd 8
 .Rs
 .%R RFC 4419
 .%T "Diffie-Hellman Group Exchange for the Secure Shell (SSH) Transport Layer Protocol"