- (dtucker) OpenBSD CVS Sync

   - jmc@cvs.openbsd.org 2008/06/26 06:59:39
     [moduli.5]
     tweak previous;

diff --git a/ChangeLog b/ChangeLog
index 1e1a06c3026b2fc61dacf17d44aae3f7c1b891fe..d65b45a8d21ff35c155a390e8c2d36716e0bfbf2 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+20110807
+ - (dtucker) OpenBSD CVS Sync
+   - jmc@cvs.openbsd.org 2008/06/26 06:59:39
+     [moduli.5]
+     tweak previous;
+
 20110805
  - OpenBSD CVS Sync
    - djm@cvs.openbsd.org 2011/06/23 23:35:42

diff --git a/moduli.5 b/moduli.5
index 4a99439cc64e1fd0de583c33b6271ece98b2ecc5..a1321abdf23479cd214f803b838b2c4d8d1ebdcf 100644 (file)
--- a/moduli.5
+++ b/moduli.5
@@ -1,4 +1,4 @@
-.\"    $OpenBSD: moduli.5,v 1.12 2008/06/26 05:57:54 djm Exp $
+.\"    $OpenBSD: moduli.5,v 1.13 2008/06/26 06:59:39 jmc Exp $
 .\"
 .\" Copyright (c) 2008 Damien Miller <djm@mindrot.org>
 .\"
@@ -22,7 +22,7 @@
 .Sh DESCRIPTION
 The
 .Pa /etc/moduli
-file contains prime numbers and generators for use by 
+file contains prime numbers and generators for use by
 .Xr sshd 8
 in the Diffie-Hellman Group Exchange key exchange method.
 .Pp
@@ -31,13 +31,13 @@ New moduli may be generated with
 using a two-step process.
 An initial
 .Em candidate generation
-pass, using 
+pass, using
 .Ic ssh-keygen -G ,
 calculates numbers that are likely to be useful.
 A second
 .Em primality testing
 pass, using
-.Ic ssh-keygen -T
+.Ic ssh-keygen -T ,
 provides a high degree of assurance that the numbers are prime and are
 safe for use in Diffie Hellman operations by
 .Xr sshd 8 .
@@ -46,9 +46,8 @@ This
 format is used as the output from each pass.
 .Pp
 The file consists of newline-separated records, one per modulus,
-containing seven space separated fields.
+containing seven space-separated fields.
 These fields are as follows:
-.Pp
 .Bl -tag -width Description -offset indent
 .It timestamp
 The time that the modulus was last processed as YYYYMMDDHHMMSS.
@@ -58,7 +57,7 @@ Supported types are:
 .Pp
 .Bl -tag -width 0x00 -compact
 .It 0
-Unknown, not tested
+Unknown, not tested.
 .It 2
 "Safe" prime; (p-1)/2 is also prime.
 .It 4
@@ -68,7 +67,7 @@ Sophie Germain; (p+1)*2 is also prime.
 Moduli candidates initially produced by
 .Xr ssh-keygen 1
 are Sophie Germain primes (type 4).
-Futher primality testing with
+Further primality testing with
 .Xr ssh-keygen 1
 produces safe prime moduli (type 2) that are ready for use in
 .Xr sshd 8 .
@@ -79,11 +78,11 @@ has been subjected to represented as a bitmask of the following values:
 .Pp
 .Bl -tag -width 0x00 -compact
 .It 0x00
-Not tested
+Not tested.
 .It 0x01
-Composite number - not prime.
+Composite number \(en not prime.
 .It 0x02
-Sieve of Eratosthenes
+Sieve of Eratosthenes.
 .It 0x04
 Probabalistic Miller-Rabin primality tests.
 .El
@@ -95,8 +94,8 @@ Subsequent
 .Xr ssh-keygen 1
 primality tests are Miller-Rabin tests (flag 0x04).
 .It trials
-Decimal number indicating of primaility trials that have been performed
-on the modulus.
+Decimal number indicating the number of primality trials
+that have been performed on the modulus.
 .It size
 Decimal number indicating the size of the prime in bits.
 .It generator
@@ -113,10 +112,9 @@ Diffie Hellman output to sufficiently key the selected symmetric cipher.
 then randomly selects a modulus from
 .Fa /etc/moduli
 that best meets the size requirement.
-.Pp
 .Sh SEE ALSO
 .Xr ssh-keygen 1 ,
-.Xr sshd 8 ,
+.Xr sshd 8
 .Rs
 .%R RFC 4419
 .%T "Diffie-Hellman Group Exchange for the Secure Shell (SSH) Transport Layer Protocol"