This question is primarily for Damien, but if anybody else knows the answer please chime in. Why is it that on systems with no /dev/random or PRNGD or EGD (and I have a lot of Solaris systems in this situation because I don't have root access on them) that the OpenSSH 'ssh' command has to run through all those ssh_prng_cmds every time it starts up? Why doesn't ~/.ssh/prng_seed give it enough initial entropy? The old SSH 1.2.27 'ssh' command got away with using only ~/.ssh/random_seed, which it initializes by running a lot of system commands the first time it is run. Was that not secure enough? I don't recall seeing anybody claiming it wasn't. I can't see why it wouldn't be secure, because if you assume the client machine hasn't been compromised (and able to observe the seed file) there should be no way that a cracker should be able to guess what number will be chosen in the future just by observing the numbers that are being chosen in the past and transferred over the wire. If there's no fundamental reason why it can't be done that way and you'd consider accepting a patch, I'll work on it. - Dave Dykstra