upstream: Clarify language about moduli. While both ends of the
connection do need to use the same parameters (ie groups), the DH-GEX protocol takes care of that and both ends do not need the same contents in the moduli file, which is what the previous text suggested. ok djm@ jmc@ OpenBSD-Commit-ID: f0c18cc8e79c2fbf537a432a9070ed94e96a622a
This commit is contained in:
parent
d3cc4d650c
commit
d1320c492f
|
@ -1,4 +1,4 @@
|
|||
.\" $OpenBSD: ssh-keygen.1,v 1.212 2020/11/27 10:12:30 dtucker Exp $
|
||||
.\" $OpenBSD: ssh-keygen.1,v 1.213 2021/05/12 11:34:30 dtucker Exp $
|
||||
.\"
|
||||
.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||
|
@ -35,7 +35,7 @@
|
|||
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
.\"
|
||||
.Dd $Mdocdate: November 27 2020 $
|
||||
.Dd $Mdocdate: May 12 2021 $
|
||||
.Dt SSH-KEYGEN 1
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -816,8 +816,7 @@ Valid generator values are 2, 3, and 5.
|
|||
.Pp
|
||||
Screened DH groups may be installed in
|
||||
.Pa /etc/moduli .
|
||||
It is important that this file contains moduli of a range of bit lengths and
|
||||
that both ends of a connection share common moduli.
|
||||
It is important that this file contains moduli of a range of bit lengths.
|
||||
.Pp
|
||||
A number of options are available for moduli generation and screening via the
|
||||
.Fl O
|
||||
|
|
Loading…
Reference in New Issue