search for: moduli

Hi folks, This applies to src/share/man/man5/moduli.5 in the OpenBSD source tree, and doesn't seem to apply to the portable OpenSSH, so I've sent this change here instead of via Bugzilla. The wording of moduli(5) implies that sshd puts more thought about which modulus it selects than it really does. The following patch corrects this. Simo...

Hi, Can anybody briefly explain the significance of the updated moduli file? Is this a critical update? Should all existing installations update their moduli file? Thanks in advance, -- Dan

Hi, my question is related to the kex algorithm diffie-hellman-group-exchange-sha256 and moduli generation. I've seen that through ssh-keygen, I'm able to re-generate my moduli file used by DH but I'm note sure to understand one point in the ssh-keygen manpage : "Screened DH groups may be installed in /etc/ssh/moduli. It is important that this file contains moduli of a range...

On Fri, 2019-02-15 at 15:57 +1100, Darren Tucker wrote: > That was the original intent (and it's mentioned in RFC4419) however > each moduli file we ship (70-80 instances of 6 sizes) takes about 1 > cpu-month to generate on a lowish-power x86-64 machine. Most of it > is > parallelizable, but even then it'd likely take a few hours to > generate > one of each size. I imagine that'd cause some complaints about &gt...

...e 's|/etc/ssh/ssh_host_dsa_key|/usr/local/etc/ssh_host_dsa_key|g' -e 's|/etc/ssh/ssh_host_rsa_key|/usr/local/etc/ssh_host_rsa_key|g' -e 's|/etc/ssh/ssh_host_ed25519_key|/usr/local/etc/ssh_host_ed25519_key|g' -e 's|/var/run/sshd.pid|/var/run/sshd.pid|g' -e 's|/etc/moduli|/usr/local/etc/moduli|g' -e 's|/etc/ssh/moduli|/usr/local/etc/moduli|g' -e 's|/etc/ssh/sshrc|/usr/local/etc/sshrc|g' -e 's|/usr/X11R6/bin/xauth|/usr/openwin/bin/xauth|g' -e 's|/var/empty|/var/empty|g' -e 's|/usr/bin:/bin:/usr/sbin:/sbin|/usr/bin:/bin:/usr/sbi...

...on, I came across this error: ssh/ssh_host_ecdsa_key|/opt/etc/ssh_host_ecdsa_key|g' -e 's|/etc/ssh/ssh_host_dsa_key|/opt/etc/ssh_host_dsa_key|g' -e 's|/etc/ssh/ssh_host_rsa_key|/opt/etc/ssh_host_rsa_key|g' -e 's|/var/run/sshd.pid|/var/run/sshd.pid|g' -e 's|/etc/moduli|/opt/etc/moduli|g' -e 's|/etc/ssh/moduli|/opt/etc/moduli|g' -e 's|/etc/ssh/sshrc|/opt/etc/sshrc|g' -e 's|/usr/X11R6/bin/xauth|/usr/X11R6/bin/xauth|g' -e 's|/var/empty|/var/empty|g' -e 's|/usr/bin:/bin:/usr/sbin:/sbin||g' ${manpage} > moduli.5.out;...

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 With this change built ok. But patch must be quite different on my platform (see attached) for portable version. And, of course, after autoreconf run. 02.08.2016 10:55, Darren Tucker ?????: > --- a/configure.ac > +++ b/configure.ac > @@ -754,6 +754,9 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))

I'm not nearly knowledgeable enough in crypto to fully understand your answer, but I will try. I wonder why moduli are not automatically generated the first time sshd is started though. That would make much more sense than shipping a default moduli file but also asking everyone to replace it with their own. On Fri, Feb 15, 2019 at 5:50 AM Mark D. Baushke <mdb at juniper.net> wrote: > > Yegor Ievlev...

http://bugzilla.mindrot.org/show_bug.cgi?id=1372 Summary: sshd(8) and ssh-keygen(1) refer to non-existent moduli(5) Product: Portable OpenSSH Version: 4.7p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: Documentation AssignedTo: bitbucket at mindrot.org ReportedBy: David.Leonar...

Also, how are default moduli shipped with OpenSSH for use in diffie-hellman-group-exchange-sha1/sha256 chosen? Are they chosen randomly by developers or are they chosen for security properties? If they are random, why not use moduli from RFC 7919 instead, like Mozilla recommends? On Fri, Feb 15, 2019 at 3:48 AM Mark D. Baushk...

Hello all, I propose the following patch to ssh-keygen.c for openssh version 4.5. It allows to redirect output of the moduli operations to stdout, to do something like e.g.: $ ssh-keygen -G - -b 2048 | ssh-keygen -T - -f - >moduli Best regards, Christian --- ssh/ssh-keygen.c.old 2007-03-01 12:43:06.000000000 +0100 +++ ssh/ssh-keygen.c 2007-03-01 12:47:32.000000000 +0100 @@ -1270,13 +1270,16 @@ main(int ac, char **...

if [ ! -f /opt/sldx/slwo/openssh-3.1p1/openssh-3.1p1/contrib/solaris/package/usr/local/etc/moduli ]; then \ if [ -f /opt/sldx/slwo/openssh-3.1p1/openssh-3.1p1/contrib/solaris/package/usr/local/etc/primes ]; then \ echo "moving /opt/sldx/slwo/openssh-3.1p1/openssh-3.1p1/contrib/solaris/package/usr/local/etc/primes to /opt/sldx/ slwo/openssh-3.1p1/openssh-3.1p1/contri...

I don't think there is any point to generate so many moduli. Actually, 3 moduli of sizes 2048, 3072 and 4096 seem like a sane choice. On Fri, Feb 15, 2019 at 7:58 AM Darren Tucker <dtucker at dtucker.net> wrote: > > On Fri, 15 Feb 2019 at 14:22, Yegor Ievlev <koops1997 at gmail.com> wrote: > > I'm not nearly knowledgeable enough...

http://bugzilla.mindrot.org/show_bug.cgi?id=612 Summary: moduli.5 documentation doesn't match ssh code (off by 1) Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: trivial Priority: P2 Component: sshd AssignedTo: openssh-bug...

https://bugzilla.mindrot.org/show_bug.cgi?id=2614 Bug ID: 2614 Summary: ssh-keygen: Moduli generation not accepting start line and count options Product: Portable OpenSSH Version: 7.2p1 Hardware: amd64 OS: Linux Status: NEW Severity: normal Priority: P5 Component: ssh-keygen...

https://bugzilla.mindrot.org/show_bug.cgi?id=2559 Bug ID: 2559 Summary: Warnings from reading moduli file, refer to primes file Product: Portable OpenSSH Version: 7.2p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: sshd Assignee: unassigned-bu...

Hi, I'm interested in requiring a minimum of 3072-bit DH moduli when using the "diffie-hellman-group-exchange-sha256" kex, so I edited my /etc/ssh/moduli file such that only 3071+ moduli are left. However, when clients ask for a max of 2048-bit moduli, they actually get one (!). I poked around and found that a fallback mechanism exists (dh.c:18...

...'t be impacted by the removal of the fallback mechanism. > You should also take a closer look at RFC 4419. I believe you will find > that returning the biggest prime the SSH daemon knows which is larger > than the requested prime is correct. Even if it is not necessarily in > the moduli file. Section 3 says: "The server should return the smallest group it knows that is larger than the size the client requested." Even though my system has values in /etc/ssh/moduli that are 3072-bits all the way up to 8192-bits, its still returning group14. I suppose with a loose in...

...I presume; the >> take-home seems to be that 1024-bit DH primes might well be too weak. >> I'm wondering what (if anything!) you propose to do about this issue, >> and what Debian might do for our users? > > Would you (and any other vendors) consider generating your own moduli file > for your distribution? If a few vendors did that it'd increase the > diversity quite a lot and it'd stop us (well, specifically me) being the > point of failure for not making updates. (thanks for making the recent moduli update, Darren!) This is an interesting proposal a...

[ OS: Solaris 2.8 ] Curious why 'moduli' is installed in the "--sysconfdir' directory? Isn't this machine-independent and therefore should go in the "--datadir" directory? Also, it seems to me that the datadir/sysconfdir/sharedstatedir/ localstatedir would be more useful if they were set up (or further expand...