# qsafe(1) [netbsd man page]

QSIEVE(1) BSD General Commands Manual QSIEVE(1)NAME

qsieve, qsafegenerate system moduli file--SYNOPSIS

qsieve [megabytes bits [initial]] qsafe [trials [generator]]DESCRIPTION

The qsieve utility will list candidates for Sophie-Germaine primes (where q = (p-1)/2) to standard output. The list is checked against small known primes (less than 2**30). This step is both processor and memory intensive. The megabytes value sets a limit for the internal sieve buffer. This should be small enough to remain entirely in memory. Swap thrashing can increase the run time from hours to days or weeks! When the megabytes value is zero (0), qsieve will select a default suitable for the bits. The bits value sets the length of the generated possible primes (typically 768, 1024, 1536, 2048, 3072, or 4096, although others can be used for variety). The optional initial value (hex) specifies the beginning of the search. Otherwise, qsieve generates a randomly selected number. The qsafe utility will perform a Miller-Rabin primality test on the list of candidates (checking both q and p) from standard input. The result is a list of so-call "safe" primes to standard output, suitable for use as Diffie-Hellman moduli. This step is merely processor intensive. The trials value sets the number of Miller-Rabin interations (typically 16 to 128). The optional generator value (hex) limits testing to candidates with a specific generator (usually 2). Otherwise, qsafe will test each can- didate and suggest a generator.SEE ALSO

moduli(5)HISTORY

These programs were originally developed for the Photuris project, and later the OpenSSH project.BSD

July 28, 1997 BSD

## Check Out this Related Man Page

MODULI(5) BSD File Formats Manual MODULI(5)NAME

moduliDiffie Hellman moduli--DESCRIPTION

The /etc/ssh/moduli file contains prime numbers and generators for use by sshd(8) in the Diffie-Hellman Group Exchange key exchange method. New moduli may be generated with ssh-keygen(1) using a two-step process. An initial candidate generation pass, using ssh-keygen, calcu- lates numbers that are likely to be useful. A second primality testing pass, using ssh-keygen-Gprovides a high degree of assurance that the numbers are prime and are safe for use in Diffie Hellman operations by sshd(8). This moduli format is used as the output from each pass. The file consists of newline-separated records, one per modulus, containing seven space separated fields. These fields are as follows: timestamp The time that the modulus was last processed as YYYYMMDDHHMMSS. type Decimal number specifying the internal structure of the prime modulus. Supported types are: 0 Unknown, not tested 2 "Safe" prime; (p-1)/2 is also prime. 4 Sophie Germain; (p+1)*2 is also prime. Moduli candidates initially produced by ssh-keygen(1) are Sophie Germain primes (type 4). Futher primality testing with ssh-keygen(1) produces safe prime moduli (type 2) that are ready for use in sshd(8). Other types are not used by OpenSSH. tests Decimal number indicating the type of primality tests that the number has been subjected to represented as a bitmask of the following values: 0x00 Not tested 0x01 Composite number - not prime. 0x02 Sieve of Eratosthenes 0x04 Probabalistic Miller-Rabin primality tests. The ssh-keygen(1) moduli candidate generation uses the Sieve of Eratosthenes (flag 0x02). Subsequent ssh-keygen(1) pri- mality tests are Miller-Rabin tests (flag 0x04). trials Decimal number indicating of primaility trials that have been performed on the modulus. size Decimal number indicating the size of the prime in bits. generator The recommended generator for use with this modulus (hexadecimal). modulus The modulus itself in hexadecimal. When performing Diffie Hellman Group Exchange, sshd(8) first estimates the size of the modulus required to produce enough Diffie Hellman out- put to sufficiently key the selected symmetric cipher. sshd(8) then randomly selects a modulus from /etc/ssh/moduli that best meets the size requirement.-TSEE ALSO

ssh-keygen(1), sshd(8), Diffie-Hellman Group Exchange for the Secure Shell (SSH) Transport Layer Protocol, RFC 4419, 2006.BSD

June 26, 2008 BSD