> From: Damien Miller <djm@xxxxxxxxxxx> On September 20, 2020 7:29 PM, Damien Miller wrote: > On Sun, 20 Sep 2020, Randall S. Becker wrote: > > > On September 20, 2020 2:02 AM, Damien Miller wrote: > > > OpenSSH 8.4p1 is almost ready for release, so we would appreciate > > > testing on as many platforms and systems as possible. This is a bugfix > release. > > > > I will be testing this shortly on HPE NonStop platforms. > > > > Side question: We now have access to the hardware random generator and > > can decouple for PRNGD. Any guidance on how to do that would be > > appreciated. We would be happy to contribute the platform changes as > > well associated with this and the port changes. > > If you add support for the hardware RNG to libcrypto then OpenSSH will use > it automatically (assuming you haven't built --without-openssl). This would > also have the benefit of everything else that uses libcrypto/libssl pick up > support too. I do not build with --without-openssl, so that probably is a good thing. I have more control on our Itanium platform so can test with OpenSSL 3.0 before it goes to GA, but have to wait for the x86 platform until after that point. It's a matter of policy. Good to know anyway that changes picked up via OpenSSL will remove the dependency on PRNGD - somewhat of a RandallBane in my view. _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
