Lars - Hardening Diffie-Hellman by BSDNow.tv

New About Yours API Help
1.3 KB, Plain text
Great show!

Over on Mastodon[1], Peter Hessler posted about generating his own
moduli file for DH.
It looks interesting but can you guys explain the problem this might
solve and the pros and cons of this approach?  (Here is a quote of his
post, rewrapped slightly)

        To improve the security of my severs, I'm generating my own
        moduli file.  Having a different one from others makes certain
        precomputed attacks more difficult.

        """
        for i in 2048 3072 4096 6144 7680 8192 ; do
                ssh-keygen -G moduli-${i}.candidates -b $i;
        done

        for i in 2048 3072 4096 6144 7680 8192 ; do
                ssh-keygen -T moduli-${i} -f moduli-${i}.candidates;
        done

        cat moduli-???? > moduli; mv moduli /etc/moduli
        """

        This will take a few days....

A while back, there was something somewhat related [2] but which has
long since been  mitigated in OpenBSD:

$ awk '$5~/^[0-9]+$/ {print $5}' /etc/moduli | sort -n | uniq -c
  65 2047
  77 3071
  67 4095
  72 6143
  77 7679
  70 8191

$ uname -sr
OpenBSD 6.2

Thanks,
Lars

[1] https://mastodon.social/@phessler/98854480572133573

[2] https://stribika.github.io/2015/01/04/secure-secure-shell.html#key-exchange
Pasted 2 weeks ago — Expires in 351 days
URL: http://dpaste.com/3TRXXN4