openssh unix dev - Jan 2014 - Openssh, moduli and ssh-keygen

Hi,

my question is related to the kex algorithm
diffie-hellman-group-exchange-sha256 and moduli generation. I've seen that
through ssh-keygen, I'm able to re-generate my moduli file used by DH but
I'm note sure to understand one point in the ssh-keygen manpage :
"Screened DH groups may be installed in /etc/ssh/moduli.  It is important
that this file contains moduli of a range of bit lengths and that both ends
of a connection share common moduli."

I don't understand why both ends of a connection should share a common
moduli file ?

If I trace the key exchange through wiresharck, I can see that the modulus
in transmitted as a public data to the client which is the expected
behavior according to the protocol.
If I strace the ssh client command (OpenSSH_5.9p1), I do not see any access
to the /etc/ssh/moduli file.

It seems that the moduli sharing between server and client is automaticaly
done by the protocol.

So, did I miss something or the manpage has a typo or is not clear ? Maybe
the sentence is aimed to say that bit lengths generated must be supported
by both ends ?

Thanks in advance for your explanation.

On Fri, Jan 24, 2014 at 9:21 PM, mailing-list ssh
<lssh.mailing.list at gmail.com> wrote:
> my question is related to the kex algorithm
> diffie-hellman-group-exchange-sha256 and moduli generation. I've seen
that
> through ssh-keygen, I'm able to re-generate my moduli file used by DH
but
> I'm note sure to understand one point in the ssh-keygen manpage :
> "Screened DH groups may be installed in /etc/ssh/moduli.  It is
important
> that this file contains moduli of a range of bit lengths and that both ends
> of a connection share common moduli."
>
> I don't understand why both ends of a connection should share a common
> moduli file ?
I think the man page is unclear.

The part about needing a range of sizes is true.  I suspect the part
about "both ends sharing common moduli" is trying to refer to
Diffie-Hellman Group Exchange, which is how the moduli for a
particular SSH session get to the client.

There is no requirement for the server and client to have the same
moduli file, and in fact no requirement for a client to have a moduli
file at all.

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.