Bug 398 - OpenSSL build mech. doesn't acknowledge /dev/random in Solaris
Status: CLOSED INVALID
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: Build system
Version: -current
Hardware: SPARC Solaris
: P3 normal
Assignee: OpenSSH Bugzilla mailing list
URL: http://sunsolve.sun.com/pub-cgi/findP...
Reported: 2002-09-18 00:43 AEST by garretta
Modified: 2004-04-14 12:24 AEST

Description garretta 2002-09-18 00:43:47 AEST
Configure source.
Summary says "using internal random # generator"
Sun has created a patch for Solaris8 that provides a PRNG /dev/random (I
understand Solaris9 comes with PRNG by default).

Solaris8:
http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=112438&rev=01

It would seem OpenSSH would be more scalable in an Enterprise environment if it
could use the native PRNG device instead of the "internal pseudo-random device".

Note -- I don't know the technical details of this ... and ... I'm sure there's
a great explanation for why the latest OpenSSH uses the internal device.

Just an FYI ... -GA
Comment 1 Ben Lindstrom 2002-09-18 01:02:40 AEST
Please recompile OpenSSL to understand where your /dev/random device is.  
Comment 2 Darren Tucker 2002-09-18 01:23:45 AEST
When configure says "Random number source: OpenSSL internal ONLY" it means that 
it's using /dev/urandom.  "Random number source: ssh-rand-helper" is the 
external entropy collector.

Regardless, the openssl libraries will use /dev/urandom if it exists.  (You may 
need to recompile openssl, but I don't think so).  From openssl's e_os.h (typo 
and all :-) :

#ifndef DEVRANDOM
/* set this to your 'random' device if you have one.
 * My default, we will try to read this file */
#define DEVRANDOM "/dev/urandom"
#endif

For maximum portability, when building packages I use "./configure 
--with-rand-helper".  That way /dev/urandom will be used if it exists, but if it 
doesn't then the random helper will be used.  This lets us use the same binaries 
on machines with and without the /dev/random patch.
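
The fallback order described in Comment 2 (read the kernel device if it exists, otherwise use the helper), written out as an added example. This is not OpenSSL's or OpenSSH's code and not part of the comment; read_random_device, pick_seed_source and enum seed_source are hypothetical names.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical names throughout; illustration only, not OpenSSL/OpenSSH code. */
enum seed_source { SEED_DEVICE, SEED_HELPER };

/* Read exactly len bytes from a random device. Returns 0 on success, -1 if
 * the path is missing, is not a character device, or the read comes up short. */
int read_random_device(const char *path, unsigned char *buf, size_t len)
{
    struct stat st;
    size_t got = 0;
    int fd = open(path, O_RDONLY | O_NOCTTY);
    if (fd < 0)
        return -1;
    /* fstat the open descriptor, so the check and the read use the same object */
    if (fstat(fd, &st) != 0 || !S_ISCHR(st.st_mode)) {
        close(fd);
        return -1;
    }
    while (got < len) {
        ssize_t n = read(fd, buf + got, len - got);
        if (n > 0)
            got += (size_t)n;
        else if (n == 0 || errno != EINTR)
            break;              /* EOF or hard error: give up */
    }
    close(fd);
    return got == len ? 0 : -1;
}

/* Try each candidate in order; SEED_HELPER means the caller must run its helper. */
enum seed_source pick_seed_source(const char *const *paths, size_t npaths,
                                  unsigned char *buf, size_t len)
{
    for (size_t i = 0; i < npaths; i++)
        if (read_random_device(paths[i], buf, len) == 0)
            return SEED_DEVICE;
    return SEED_HELPER;
}

int main(void)
{
    const char *const paths[] = { "/dev/urandom", "/dev/random" };
    unsigned char seed[32];
    int dev = pick_seed_source(paths, 2, seed, sizeof seed) == SEED_DEVICE;
    puts(dev ? "seeded from kernel device" : "fall back to helper");
    return 0;
}
```

Because the decision is made at run time, the same binary works on hosts with and without the device, which is the portability point made in the comment.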
Comment 3 Damien Miller 2004-04-14 12:24:18 AEST
Mass change of RESOLVED bugs to CLOSED