Hi, I have been working on a portable LibreSSL build tree for a little while to test the waters: http://github.com/busterb/libressl Someone noticed an issue with the arc4random implementation that I originally grabbed from libbsd https://github.com/busterb/libressl/issues/1 So, I looked at how OpenSSH handles it, and noticed that it uses the random functions from OpenSSL unconditionally to seed the state of its version of arc4random. Regarding the new ‘build without OpenSSL’ flag here: http://article.gmane.org/gmane.os.openbsd.cvs/130612 it would be nice to have some feedback on this modified version of the OpenSSH portable arc4random that I incorporated, which seeds itself in the same manner as libbsd’s version: libbsd’s version: http://cgit.freedesktop.org/libbsd/tree/src/arc4random.c modified version: https://github.com/busterb/libressl/blob/master/crypto/compat/arc4random.c If the seed function here doesn’t seem suitable, perhaps we could come up with a common arc4random implementation that works portably for LibreSSL and OpenSSH, which also does not depend on OpenSSL’s random number generation. - Brent _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev