94c6f8d
diff --git a/entropy.c b/entropy.c
1900351
index 1e9d52a..d24e724 100644
94c6f8d
--- a/entropy.c
94c6f8d
+++ b/entropy.c
1900351
@@ -227,6 +227,9 @@ seed_rng(void)
Jan F. Chadima 69dd72f
 	memset(buf, '\0', sizeof(buf));
Jan F. Chadima 69dd72f
 
Jan F. Chadima 69dd72f
 #endif /* OPENSSL_PRNG_ONLY */
Jan F. Chadima 69dd72f
+#ifdef __linux__
Jan F. Chadima 69dd72f
+	linux_seed();
Jan F. Chadima 69dd72f
+#endif /* __linux__ */
Jan F. Chadima 69dd72f
 	if (RAND_status() != 1)
Jan F. Chadima 69dd72f
 		fatal("PRNG is not seeded");
Jan F. Chadima 69dd72f
 }
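Review bot: The added `linux_seed();` call sits ahead of the `RAND_status()` check, and as written in port-linux-prng.c it calls `fatal()` whenever the device cannot be read in full. A process started in a chroot or container without `/dev/urandom` would therefore abort even when OpenSSL has already seeded itself. If a hard failure is intended, a comment at the call site should say so, e.g. `/* Linux: mix in kernel entropy; linux_seed() is fatal if the device is unreadable */`. The call is also placed after `#endif /* OPENSSL_PRNG_ONLY */`, so it runs in both build configurations, which is worth confirming. seed_rng's body starts outside the hunk.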
94c6f8d
diff --git a/openbsd-compat/Makefile.in b/openbsd-compat/Makefile.in
1900351
index 843225d..041bbab 100644
94c6f8d
--- a/openbsd-compat/Makefile.in
94c6f8d
+++ b/openbsd-compat/Makefile.in
94c6f8d
@@ -20,7 +20,7 @@ OPENBSD=base64.o basename.o bcrypt_pbkdf.o bindresvport.o blowfish.o daemon.o di
Jan F. Chadima 69dd72f
 
1900351
 COMPAT=arc4random.o bsd-asprintf.o bsd-closefrom.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o getrrsetbyname-ldns.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-poll.o bsd-setres_id.o bsd-snprintf.o bsd-statvfs.o bsd-waitpid.o fake-rfc2553.o openssl-compat.o xmmap.o xcrypt.o kludge-fd_set.o
Jan F. Chadima 69dd72f
 
94c6f8d
-PORTS=port-aix.o port-irix.o port-linux.o port-linux-sshd.o port-solaris.o port-tun.o port-uw.o
94c6f8d
+PORTS=port-aix.o port-irix.o port-linux.o port-linux-sshd.o port-linux-prng.o port-solaris.o port-tun.o port-uw.o
Jan F. Chadima 69dd72f
 
Jan F. Chadima 69dd72f
 .c.o:
Jan F. Chadima 69dd72f
 	$(CC) $(CFLAGS) $(CPPFLAGS) -c $<
94c6f8d
diff --git a/openbsd-compat/port-linux-prng.c b/openbsd-compat/port-linux-prng.c
94c6f8d
new file mode 100644
1900351
index 0000000..da84bf2
94c6f8d
--- /dev/null
94c6f8d
+++ b/openbsd-compat/port-linux-prng.c
Jan F. Chadima 69dd72f
@@ -0,0 +1,59 @@
Jan F. Chadima 69dd72f
+/* $Id: port-linux.c,v 1.11.4.2 2011/02/04 00:43:08 djm Exp $ */
Jan F. Chadima 69dd72f
+
Jan F. Chadima 69dd72f
+/*
Jan F. Chadima 69dd72f
+ * Copyright (c) 2011 Jan F. Chadima <jchadima@redhat.com>
Jan F. Chadima 69dd72f
+ *
Jan F. Chadima 69dd72f
+ * Permission to use, copy, modify, and distribute this software for any
Jan F. Chadima 69dd72f
+ * purpose with or without fee is hereby granted, provided that the above
Jan F. Chadima 69dd72f
+ * copyright notice and this permission notice appear in all copies.
Jan F. Chadima 69dd72f
+ *
Jan F. Chadima 69dd72f
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
Jan F. Chadima 69dd72f
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
Jan F. Chadima 69dd72f
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
Jan F. Chadima 69dd72f
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
Jan F. Chadima 69dd72f
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
Jan F. Chadima 69dd72f
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
Jan F. Chadima 69dd72f
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
Jan F. Chadima 69dd72f
+ */
Jan F. Chadima 69dd72f
+
Jan F. Chadima 69dd72f
+/*
Jan F. Chadima 69dd72f
+ * Linux-specific portability code - prng support
Jan F. Chadima 69dd72f
+ */
Jan F. Chadima 69dd72f
+
Jan F. Chadima 69dd72f
+#include "includes.h"
Jan F. Chadima 69dd72f
+
Jan F. Chadima 69dd72f
+#include <errno.h>
Jan F. Chadima 69dd72f
+#include <stdarg.h>
Jan F. Chadima 69dd72f
+#include <string.h>
Jan F. Chadima 69dd72f
+#include <stdio.h>
Jan F. Chadima 69dd72f
+#include <openssl/rand.h>
Jan F. Chadima 69dd72f
+
Jan F. Chadima 69dd72f
+#include "log.h"
Jan F. Chadima 69dd72f
+#include "xmalloc.h"
1900351
+#include "misc.h"      /* servconf.h needs misc.h for struct ForwardOptions */
Jan F. Chadima 69dd72f
+#include "servconf.h"
Jan F. Chadima 69dd72f
+#include "port-linux.h"
Jan F. Chadima 69dd72f
+#include "key.h"
Jan F. Chadima 69dd72f
+#include "hostfile.h"
Jan F. Chadima 69dd72f
+#include "auth.h"
Jan F. Chadima 69dd72f
+
Jan F. Chadima 69dd72f
+void
Jan F. Chadima 69dd72f
+linux_seed(void)
Jan F. Chadima 69dd72f
+{
Jan F. Chadima 69dd72f
+	char *env = getenv("SSH_USE_STRONG_RNG");
Jan F. Chadima 69dd72f
+	char *random = "/dev/random";
1900351
+	size_t len, ienv, randlen = 14;
Jan F. Chadima 69dd72f
+
Jan F. Chadima 69dd72f
+	if (!env || !strcmp(env, "0"))
Jan F. Chadima 69dd72f
+		random = "/dev/urandom";
9acec07
+	else if ((ienv = atoi(env)) > randlen)
Jan F. Chadima 69dd72f
+		randlen = ienv;
Jan F. Chadima 69dd72f
+
Jan F. Chadima 69dd72f
+	errno = 0;
Jan F. Chadima 69dd72f
+	if ((len = RAND_load_file(random, randlen)) != randlen) {
Jan F. Chadima 69dd72f
+		if (errno)
Jan F. Chadima 69dd72f
+			fatal ("cannot read from %s, %s", random, strerror(errno));
Jan F. Chadima 69dd72f
+		else
Jan F. Chadima 69dd72f
+			fatal ("EOF reading %s", random);
Jan F. Chadima 69dd72f
+	}
Jan F. Chadima 69dd72f
+}
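Review bot: In `linux_seed`, `atoi(env)` is stored into the unsigned `size_t ienv`, so a negative `SSH_USE_STRONG_RNG` such as `-1` becomes a huge `randlen`. `RAND_load_file` takes a `long` and returns an `int`, so that length likely reaches it as -1 (read the whole file), and a -1 error return stored in `size_t len` then compares equal to `randlen`, so the failure is accepted silently. There is also no upper bound on the requested byte count. The variable comes from the caller's environment, and the patch documents it for the set-uid `ssh-keysign`, so a large value can stall that helper on a blocking `/dev/random` read. The value should be parsed with `strtol`, rejected when it is not a clean positive number, clamped to a project-chosen maximum, and the result kept in signed types as sketched below. `getenv` also needs `<stdlib.h>`, which is not among the visible includes and presumably arrives via `includes.h`.

```c
void
linux_seed(void)
{
	const char *env = getenv("SSH_USE_STRONG_RNG");
	const char *random = "/dev/random";
	long randlen = 14, want;
	char *end;
	int len;

	if (!env || !strcmp(env, "0"))
		random = "/dev/urandom";
	else {
		errno = 0;
		want = strtol(env, &end, 10);
		/* SEED_MAX_BYTES is a placeholder: upper bound to be chosen by the project */
		if (errno == 0 && end != env && *end == '\0' &&
		    want > randlen && want <= SEED_MAX_BYTES)
			randlen = want;
	}

	errno = 0;
	if ((len = RAND_load_file(random, randlen)) != randlen) {
		/* … unchanged: fatal() on errno / EOF … */
	}
}
```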
94c6f8d
diff --git a/ssh-add.0 b/ssh-add.0
1900351
index f16165a..17d22cf 100644
94c6f8d
--- a/ssh-add.0
94c6f8d
+++ b/ssh-add.0
8a29ded
@@ -82,6 +82,16 @@ ENVIRONMENT
251c8db
              Identifies the path of a UNIX-domain socket used to communicate
251c8db
              with the agent.
251c8db
 
251c8db
+     SSH_USE_STRONG_RNG
251c8db
+             The reseeding of the OpenSSL random generator is usually done
251c8db
+             from /dev/urandom.  If the SSH_USE_STRONG_RNG environment vari-
251c8db
+             able is set to value other than 0 the OpenSSL random generator is
251c8db
+             reseeded from /dev/random.  The number of bytes read is defined
9acec07
+             by the SSH_USE_STRONG_RNG value.  Minimum is 14 bytes.  This set-
251c8db
+             ting is not recommended on the computers without the hardware
251c8db
+             random generator because insufficient entropy causes the connec-
251c8db
+             tion to be blocked until enough entropy is available.
251c8db
+
251c8db
 FILES
251c8db
      ~/.ssh/identity
251c8db
              Contains the protocol version 1 RSA authentication identity of
94c6f8d
diff --git a/ssh-add.1 b/ssh-add.1
1900351
index 04d1840..db883a4 100644
94c6f8d
--- a/ssh-add.1
94c6f8d
+++ b/ssh-add.1
1900351
@@ -170,6 +170,20 @@ to make this work.)
251c8db
 Identifies the path of a
65ba94e
 .Ux Ns -domain
65ba94e
 socket used to communicate with the agent.
65ba94e
+.It Ev SSH_USE_STRONG_RNG
Jan F. Chadima 69dd72f
+The reseeding of the OpenSSL random generator is usually done from
Jan F. Chadima 69dd72f
+.Cm /dev/urandom .
Jan F. Chadima 69dd72f
+If the 
Jan F. Chadima 69dd72f
+.Cm SSH_USE_STRONG_RNG
Jan F. Chadima 69dd72f
+environment variable is set to value other than
Jan F. Chadima 69dd72f
+.Cm 0
Jan F. Chadima 69dd72f
+the OpenSSL random generator is reseeded from
Jan F. Chadima 69dd72f
+.Cm /dev/random .
Jan F. Chadima 69dd72f
+The number of bytes read is defined by the SSH_USE_STRONG_RNG value. 
9acec07
+Minimum is 14 bytes.
Jan F. Chadima 69dd72f
+This setting is not recommended on the computers without the hardware
Jan F. Chadima 69dd72f
+random generator because insufficient entropy causes the connection to 
Jan F. Chadima 69dd72f
+be blocked until enough entropy is available.
251c8db
 .El
65ba94e
 .Sh FILES
65ba94e
 .Bl -tag -width Ds
94c6f8d
diff --git a/ssh-agent.1 b/ssh-agent.1
1900351
index d7e791b..7332f0d 100644
94c6f8d
--- a/ssh-agent.1
94c6f8d
+++ b/ssh-agent.1
1900351
@@ -189,6 +189,24 @@ sockets used to contain the connection to the authentication agent.
65ba94e
 These sockets should only be readable by the owner.
65ba94e
 The sockets should get automatically removed when the agent exits.
Jan F. Chadima 69dd72f
 .El
Jan F. Chadima 69dd72f
+.Sh ENVIRONMENT
Jan F. Chadima 69dd72f
+.Bl -tag -width Ds -compact
Jan F. Chadima 69dd72f
+.Pp
Jan F. Chadima 69dd72f
+.It Pa SSH_USE_STRONG_RNG
Jan F. Chadima 69dd72f
+The reseeding of the OpenSSL random generator is usually done from
Jan F. Chadima 69dd72f
+.Cm /dev/urandom .
Jan F. Chadima 69dd72f
+If the 
Jan F. Chadima 69dd72f
+.Cm SSH_USE_STRONG_RNG
Jan F. Chadima 69dd72f
+environment variable is set to value other than
Jan F. Chadima 69dd72f
+.Cm 0
Jan F. Chadima 69dd72f
+the OpenSSL random generator is reseeded from
Jan F. Chadima 69dd72f
+.Cm /dev/random .
Jan F. Chadima 69dd72f
+The number of bytes read is defined by the SSH_USE_STRONG_RNG value. 
9acec07
+Minimum is 14 bytes.
Jan F. Chadima 69dd72f
+This setting is not recommended on the computers without the hardware
Jan F. Chadima 69dd72f
+random generator because insufficient entropy causes the connection to 
Jan F. Chadima 69dd72f
+be blocked until enough entropy is available.
Jan F. Chadima 69dd72f
+.El
Jan F. Chadima 69dd72f
 .Sh SEE ALSO
Jan F. Chadima 69dd72f
 .Xr ssh 1 ,
Jan F. Chadima 69dd72f
 .Xr ssh-add 1 ,
94c6f8d
diff --git a/ssh-keygen.1 b/ssh-keygen.1
1900351
index 276dacc..a09d9b1 100644
94c6f8d
--- a/ssh-keygen.1
94c6f8d
+++ b/ssh-keygen.1
1900351
@@ -841,6 +841,24 @@ Contains Diffie-Hellman groups used for DH-GEX.
94c6f8d
 The file format is described in
94c6f8d
 .Xr moduli 5 .
Jan F. Chadima 69dd72f
 .El
Jan F. Chadima 69dd72f
+.Sh ENVIRONMENT
Jan F. Chadima 69dd72f
+.Bl -tag -width Ds -compact
Jan F. Chadima 69dd72f
+.Pp
Jan F. Chadima 69dd72f
+.It Pa SSH_USE_STRONG_RNG
Jan F. Chadima 69dd72f
+The reseeding of the OpenSSL random generator is usually done from
Jan F. Chadima 69dd72f
+.Cm /dev/urandom .
Jan F. Chadima 69dd72f
+If the 
Jan F. Chadima 69dd72f
+.Cm SSH_USE_STRONG_RNG
Jan F. Chadima 69dd72f
+environment variable is set to value other than
Jan F. Chadima 69dd72f
+.Cm 0
Jan F. Chadima 69dd72f
+the OpenSSL random generator is reseeded from
Jan F. Chadima 69dd72f
+.Cm /dev/random .
Jan F. Chadima 69dd72f
+The number of bytes read is defined by the SSH_USE_STRONG_RNG value. 
9acec07
+Minimum is 14 bytes.
Jan F. Chadima 69dd72f
+This setting is not recommended on the computers without the hardware
Jan F. Chadima 69dd72f
+random generator because insufficient entropy causes the connection to 
Jan F. Chadima 69dd72f
+be blocked until enough entropy is available.
Jan F. Chadima 69dd72f
+.El
Jan F. Chadima 69dd72f
 .Sh SEE ALSO
94c6f8d
 .Xr ssh 1 ,
94c6f8d
 .Xr ssh-add 1 ,
94c6f8d
diff --git a/ssh-keysign.8 b/ssh-keysign.8
94c6f8d
index 69d0829..02d79f8 100644
94c6f8d
--- a/ssh-keysign.8
94c6f8d
+++ b/ssh-keysign.8
94c6f8d
@@ -80,6 +80,24 @@ must be set-uid root if host-based authentication is used.
94c6f8d
 If these files exist they are assumed to contain public certificate
94c6f8d
 information corresponding with the private keys above.
65ba94e
 .El
Jan F. Chadima 69dd72f
+.Sh ENVIRONMENT
Jan F. Chadima 69dd72f
+.Bl -tag -width Ds -compact
65ba94e
+.Pp
65ba94e
+.It Pa SSH_USE_STRONG_RNG
Jan F. Chadima 69dd72f
+The reseeding of the OpenSSL random generator is usually done from
Jan F. Chadima 69dd72f
+.Cm /dev/urandom .
Jan F. Chadima 69dd72f
+If the 
Jan F. Chadima 69dd72f
+.Cm SSH_USE_STRONG_RNG
Jan F. Chadima 69dd72f
+environment variable is set to value other than
Jan F. Chadima 69dd72f
+.Cm 0
Jan F. Chadima 69dd72f
+the OpenSSL random generator is reseeded from
Jan F. Chadima 69dd72f
+.Cm /dev/random .
Jan F. Chadima 69dd72f
+The number of bytes read is defined by the SSH_USE_STRONG_RNG value. 
9acec07
+Minimum is 14 bytes.
Jan F. Chadima 69dd72f
+This setting is not recommended on the computers without the hardware
Jan F. Chadima 69dd72f
+random generator because insufficient entropy causes the connection to 
Jan F. Chadima 69dd72f
+be blocked until enough entropy is available.
Jan F. Chadima 69dd72f
+.El
65ba94e
 .Sh SEE ALSO
65ba94e
 .Xr ssh 1 ,
94c6f8d
 .Xr ssh-keygen 1 ,
94c6f8d
diff --git a/ssh.1 b/ssh.1
1900351
index 4a476c2..410a04a 100644
94c6f8d
--- a/ssh.1
94c6f8d
+++ b/ssh.1
1900351
@@ -1299,6 +1299,23 @@ For more information, see the
94c6f8d
 .Cm PermitUserEnvironment
94c6f8d
 option in
94c6f8d
 .Xr sshd_config 5 .
Jan F. Chadima 69dd72f
+.Sh ENVIRONMENT
Jan F. Chadima 69dd72f
+.Bl -tag -width Ds -compact
94c6f8d
+.It Ev SSH_USE_STRONG_RNG
Jan F. Chadima 69dd72f
+The reseeding of the OpenSSL random generator is usually done from
Jan F. Chadima 69dd72f
+.Cm /dev/urandom .
Jan F. Chadima 69dd72f
+If the 
Jan F. Chadima 69dd72f
+.Cm SSH_USE_STRONG_RNG
Jan F. Chadima 69dd72f
+environment variable is set to value other than
Jan F. Chadima 69dd72f
+.Cm 0
Jan F. Chadima 69dd72f
+the OpenSSL random generator is reseeded from
Jan F. Chadima 69dd72f
+.Cm /dev/random .
Jan F. Chadima 69dd72f
+The number of bytes read is defined by the SSH_USE_STRONG_RNG value. 
9acec07
+Minimum is 14 bytes.
Jan F. Chadima 69dd72f
+This setting is not recommended on the computers without the hardware
Jan F. Chadima 69dd72f
+random generator because insufficient entropy causes the connection to 
Jan F. Chadima 69dd72f
+be blocked until enough entropy is available.
Jan F. Chadima 69dd72f
+.El
94c6f8d
 .Sh FILES
94c6f8d
 .Bl -tag -width Ds -compact
94c6f8d
 .It Pa ~/.rhosts
94c6f8d
diff --git a/sshd.8 b/sshd.8
1900351
index cb866b5..adcaaf9 100644
94c6f8d
--- a/sshd.8
94c6f8d
+++ b/sshd.8
1900351
@@ -945,6 +945,24 @@ concurrently for different ports, this contains the process ID of the one
94c6f8d
 started last).
94c6f8d
 The content of this file is not sensitive; it can be world-readable.
94c6f8d
 .El
8a29ded
+.Sh ENVIRONMENT
8a29ded
+.Bl -tag -width Ds -compact
94c6f8d
+.Pp
94c6f8d
+.It Pa SSH_USE_STRONG_RNG
8a29ded
+The reseeding of the OpenSSL random generator is usually done from
8a29ded
+.Cm /dev/urandom .
8a29ded
+If the 
8a29ded
+.Cm SSH_USE_STRONG_RNG
8a29ded
+environment variable is set to value other than
8a29ded
+.Cm 0
8a29ded
+the OpenSSL random generator is reseeded from
8a29ded
+.Cm /dev/random .
8a29ded
+The number of bytes read is defined by the SSH_USE_STRONG_RNG value. 
9acec07
+Minimum is 14 bytes.
8a29ded
+This setting is not recommended on the computers without the hardware
8a29ded
+random generator because insufficient entropy causes the connection to 
8a29ded
+be blocked until enough entropy is available.
8a29ded
+.El
94c6f8d
 .Sh IPV6
94c6f8d
 IPv6 address can be used everywhere where IPv4 address. In all entries must be the IPv6 address enclosed in square brackets. Note: The square brackets are metacharacters for the shell and must be escaped in shell.
94c6f8d
 .Sh SEE ALSO
31536c7
diff -up openssh-6.8p1/openbsd-compat/port-linux.h.coverity openssh-6.8p1/openbsd-compat/port-linux.h
31536c7
--- openssh-6.8p1/openbsd-compat/port-linux.h.coverity	2015-03-18 17:21:51.861264906 +0100
31536c7
+++ openssh-6.8p1/openbsd-compat/port-linux.h	2015-03-18 17:21:51.897264831 +0100
31536c7
@@ -37,4 +37,6 @@ void oom_adjust_restore(void);
31536c7
 void oom_adjust_setup(void);
31536c7
 #endif
31536c7
 
31536c7
+void linux_seed(void);
31536c7
+
31536c7
 #endif /* ! _PORT_LINUX_H */