diff --git a/SOURCES/openssh-8.0p1-entropy.patch b/SOURCES/openssh-8.0p1-entropy.patch
new file mode 100644
index 0000000..dedc7c8
--- /dev/null
+++ b/SOURCES/openssh-8.0p1-entropy.patch
@@ -0,0 +1,282 @@
+diff --git a/entropy.c b/entropy.c
+index 2d483b3..b361a04 100644
+--- a/entropy.c
++++ b/entropy.c
+@@ -234,6 +234,9 @@ seed_rng(void)
+ 	}
+ #endif /* OPENSSL_PRNG_ONLY */
+ 
++#ifdef __linux__
++	linux_seed();
++#endif /* __linux__ */
+ 	if (RAND_status() != 1)
+ 		fatal("PRNG is not seeded");
+ 
+diff --git a/openbsd-compat/Makefile.in b/openbsd-compat/Makefile.in
+index b912dbe..9206337 100644
+--- a/openbsd-compat/Makefile.in
++++ b/openbsd-compat/Makefile.in
+@@ -20,6 +20,7 @@ OPENBSD=base64.o basename.o bcrypt_pbkdf.o bindresvport.o blowfish.o daemon.o di
+ 	port-solaris.o \
+ 	port-net.o \
+ 	port-uw.o \
++	port-linux-prng.o \
+ 	port-linux-sshd.o
+ 
+ .c.o:
+diff -up openssh-7.4p1/openbsd-compat/port-linux.h.entropy openssh-7.4p1/openbsd-compat/port-linux.h
+--- openssh-7.4p1/openbsd-compat/port-linux.h.entropy	2016-12-23 18:34:27.747753563 +0100
++++ openssh-7.4p1/openbsd-compat/port-linux.h	2016-12-23 18:34:27.769753570 +0100
+@@ -34,4 +34,6 @@ void oom_adjust_restore(void);
+ void oom_adjust_setup(void);
+ #endif
+ 
++void linux_seed(void);
++
+ #endif /* ! _PORT_LINUX_H */
+diff --git a/openbsd-compat/port-linux-prng.c b/openbsd-compat/port-linux-prng.c
+new file mode 100644
+index 0000000..92a617c
+--- /dev/null
++++ b/openbsd-compat/port-linux-prng.c
+@@ -0,0 +1,70 @@
++/*
++ * Copyright (c) 2011 - 2020 Red Hat, Inc.
++ *
++ * Authors:
++ *  Jan F. Chadima <jchadima@redhat.com>
++ *  Jakub Jelen <jjelen@redhat.com>
++ *
++ * Permission to use, copy, modify, and distribute this software for any
++ * purpose with or without fee is hereby granted, provided that the above
++ * copyright notice and this permission notice appear in all copies.
++ *
++ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
++ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
++ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
++ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
++ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
++ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
++ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
++ */
++
++/*
++ * Linux-specific portability code - prng support
++ */
++
++#include "includes.h"
++
++#include <errno.h>
++#include <string.h>
++#include <openssl/rand.h>
++#include <sys/random.h>
++
++#include "log.h"
++
++void
++linux_seed(void)
++{
++	char *env = NULL;
++	size_t randlen = 14, left;
++	unsigned int flags = 0;
++	unsigned char buf[256], *p;
++
++	env = getenv("SSH_USE_STRONG_RNG");
++	if (env && strcmp(env, "0") != 0) {
++		size_t ienv = atoi(env);
++
++		/* Max on buffer length */
++		if (ienv > sizeof(buf))
++			ienv = sizeof(buf);
++		/* Minimum is always 14 B */
++		if (ienv > randlen)
++			randlen = ienv;
++		flags = GRND_RANDOM;
++	}
++
++	errno = 0;
++	left = randlen;
++	p = buf;
++	do {
++		ssize_t len = getrandom(p, left, flags);
++		if (len == -1) {
++			if (errno != EINTR)
++				fatal("Failed to seed from getrandom: %s", strerror(errno));
++		} else if (len > 0) {
++			left -= len;
++			p += len;
++		}
++	} while (left > 0);
++
++	RAND_seed(buf, randlen);
++}
+diff --git a/ssh-add.1 b/ssh-add.1
+index 4812448..16305bf 100644
+--- a/ssh-add.1
++++ b/ssh-add.1
+@@ -161,6 +161,20 @@ to make this work.)
+ Identifies the path of a
+ .Ux Ns -domain
+ socket used to communicate with the agent.
++.It Ev SSH_USE_STRONG_RNG
++The reseeding of the OpenSSL random generator is usually done from
++.Cm /dev/urandom .
++If the
++.Cm SSH_USE_STRONG_RNG
++environment variable is set to value other than
++.Cm 0
++the OpenSSL random generator is reseeded from
++.Cm /dev/random .
++The number of bytes read is defined by the SSH_USE_STRONG_RNG value.
++Minimum is 14 bytes.
++This setting is not recommended on the computers without the hardware
++random generator because insufficient entropy causes the connection to
++be blocked until enough entropy is available.
+ .El
+ .Sh FILES
+ .Bl -tag -width Ds
+diff --git a/ssh-agent.1 b/ssh-agent.1
+index 281ecbd..1a9a635 100644
+--- a/ssh-agent.1
++++ b/ssh-agent.1
+@@ -201,6 +201,24 @@ sockets used to contain the connection to the authentication agent.
+ These sockets should only be readable by the owner.
+ The sockets should get automatically removed when the agent exits.
+ .El
++.Sh ENVIRONMENT
++.Bl -tag -width Ds -compact
++.Pp
++.It Pa SSH_USE_STRONG_RNG
++The reseeding of the OpenSSL random generator is usually done from
++.Cm /dev/urandom .
++If the
++.Cm SSH_USE_STRONG_RNG
++environment variable is set to value other than
++.Cm 0
++the OpenSSL random generator is reseeded from
++.Cm /dev/random .
++The number of bytes read is defined by the SSH_USE_STRONG_RNG value.
++Minimum is 14 bytes.
++This setting is not recommended on the computers without the hardware
++random generator because insufficient entropy causes the connection to
++be blocked until enough entropy is available.
++.El
+ .Sh SEE ALSO
+ .Xr ssh 1 ,
+ .Xr ssh-add 1 ,
+diff --git a/ssh-keygen.1 b/ssh-keygen.1
+index 12e00d4..1b51a4a 100644
+--- a/ssh-keygen.1
++++ b/ssh-keygen.1
+@@ -832,6 +832,24 @@ Contains Diffie-Hellman groups used for DH-GEX.
+ The file format is described in
+ .Xr moduli 5 .
+ .El
++.Sh ENVIRONMENT
++.Bl -tag -width Ds -compact
++.Pp
++.It Pa SSH_USE_STRONG_RNG
++The reseeding of the OpenSSL random generator is usually done from
++.Cm /dev/urandom .
++If the
++.Cm SSH_USE_STRONG_RNG
++environment variable is set to value other than
++.Cm 0
++the OpenSSL random generator is reseeded from
++.Cm /dev/random .
++The number of bytes read is defined by the SSH_USE_STRONG_RNG value.
++Minimum is 14 bytes.
++This setting is not recommended on the computers without the hardware
++random generator because insufficient entropy causes the connection to
++be blocked until enough entropy is available.
++.El
+ .Sh SEE ALSO
+ .Xr ssh 1 ,
+ .Xr ssh-add 1 ,
+diff --git a/ssh-keysign.8 b/ssh-keysign.8
+index 69d0829..02d79f8 100644
+--- a/ssh-keysign.8
++++ b/ssh-keysign.8
+@@ -80,6 +80,24 @@ must be set-uid root if host-based authentication is used.
+ If these files exist they are assumed to contain public certificate
+ information corresponding with the private keys above.
+ .El
++.Sh ENVIRONMENT
++.Bl -tag -width Ds -compact
++.Pp
++.It Pa SSH_USE_STRONG_RNG
++The reseeding of the OpenSSL random generator is usually done from
++.Cm /dev/urandom .
++If the
++.Cm SSH_USE_STRONG_RNG
++environment variable is set to value other than
++.Cm 0
++the OpenSSL random generator is reseeded from
++.Cm /dev/random .
++The number of bytes read is defined by the SSH_USE_STRONG_RNG value.
++Minimum is 14 bytes.
++This setting is not recommended on the computers without the hardware
++random generator because insufficient entropy causes the connection to
++be blocked until enough entropy is available.
++.El
+ .Sh SEE ALSO
+ .Xr ssh 1 ,
+ .Xr ssh-keygen 1 ,
+diff --git a/ssh.1 b/ssh.1
+index 929904b..f65e42f 100644
+--- a/ssh.1
++++ b/ssh.1
+@@ -1309,6 +1309,23 @@ For more information, see the
+ .Cm PermitUserEnvironment
+ option in
+ .Xr sshd_config 5 .
++.Sh ENVIRONMENT
++.Bl -tag -width Ds -compact
++.It Ev SSH_USE_STRONG_RNG
++The reseeding of the OpenSSL random generator is usually done from
++.Cm /dev/urandom .
++If the
++.Cm SSH_USE_STRONG_RNG
++environment variable is set to value other than
++.Cm 0
++the OpenSSL random generator is reseeded from
++.Cm /dev/random .
++The number of bytes read is defined by the SSH_USE_STRONG_RNG value.
++Minimum is 14 bytes.
++This setting is not recommended on the computers without the hardware
++random generator because insufficient entropy causes the connection to
++be blocked until enough entropy is available.
++.El
+ .Sh FILES
+ .Bl -tag -width Ds -compact
+ .It Pa ~/.rhosts
+diff --git a/sshd.8 b/sshd.8
+index c2c237f..058d37a 100644
+--- a/sshd.8
++++ b/sshd.8
+@@ -951,6 +951,24 @@ concurrently for different ports, this contains the process ID of the one
+ started last).
+ The content of this file is not sensitive; it can be world-readable.
+ .El
++.Sh ENVIRONMENT
++.Bl -tag -width Ds -compact
++.Pp
++.It Pa SSH_USE_STRONG_RNG
++The reseeding of the OpenSSL random generator is usually done from
++.Cm /dev/urandom .
++If the
++.Cm SSH_USE_STRONG_RNG
++environment variable is set to value other than
++.Cm 0
++the OpenSSL random generator is reseeded from
++.Cm /dev/random .
++The number of bytes read is defined by the SSH_USE_STRONG_RNG value.
++Minimum is 14 bytes.
++This setting is not recommended on the computers without the hardware
++random generator because insufficient entropy causes the connection to
++be blocked until enough entropy is available.
++.El
+ .Sh IPV6
+ IPv6 address can be used everywhere where IPv4 address. In all entries must be the IPv6 address enclosed in square brackets. Note: The square brackets are metacharacters for the shell and must be escaped in shell.
+ .Sh SEE ALSO
+
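Review bot: In linux_seed() in the new port-linux-prng.c, `size_t ienv = atoi(env);` never validates the environment string: a negative value converts to a huge size_t that is then clamped to the full 256-byte buffer, and an empty or non-numeric value silently selects GRND_RANDOM with the 14-byte minimum. Parsing with strtol() and checking the end pointer, ERANGE and the sign makes the accepted range explicit and avoids atoi()'s undefined behaviour on overflow. The stack buffer is also left intact after `RAND_seed(buf, randlen)`, so clearing it with `explicit_bzero(buf, sizeof(buf));` would avoid leaving seed bytes on the stack. The same patch documents the variable for ssh-keysign, which the surrounding man-page context describes as set-uid root, so the value should be treated as caller-controlled input there.

```c
	if (env && strcmp(env, "0") != 0) {
		char *end = NULL;
		long req;
		size_t ienv;

		errno = 0;
		req = strtol(env, &end, 10);
		/* Non-numeric, negative or overflowing input requests the minimum */
		if (end == env || *end != '\0' || errno == ERANGE || req < 0)
			req = 0;
		ienv = (size_t)req;
		/* ... unchanged: clamp to sizeof(buf), raise randlen, set GRND_RANDOM ... */
	}
	/* ... unchanged: getrandom() retry loop ... */
	RAND_seed(buf, randlen);
	/* Do not leave PRNG seed material on the stack */
	explicit_bzero(buf, sizeof(buf));
```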
diff --git a/SOURCES/sshd.sysconfig b/SOURCES/sshd.sysconfig
index 6c2bff9..de7f0c6 100644
--- a/SOURCES/sshd.sysconfig
+++ b/SOURCES/sshd.sysconfig
@@ -6,6 +6,12 @@
 # of DSA key or  systemctl mask sshd-keygen@rsa.service  to disable RSA key
 # creation.
 
+# Do not change this option unless you have hardware random
+# generator and you REALLY know what you are doing
+
+SSH_USE_STRONG_RNG=0
+# SSH_USE_STRONG_RNG=1
+
 # System-wide crypto policy:
 # To opt-out, uncomment the following line
 # CRYPTO_POLICY=
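Review bot: The comment added above `SSH_USE_STRONG_RNG=0` does not say what the value means. The linux_seed() code in the accompanying entropy patch treats everything except the exact string `0` as enabling GRND_RANDOM reads, including an empty assignment. A comment such as `# 0 disables; any other value seeds with /dev/random semantics and is the number of bytes to read (min 14, max 256)` would show an administrator that a larger number is a byte count. It would also help to state that leaving the line at `0` or commenting it out, rather than emptying it, is how the option stays off.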
diff --git a/SPECS/openssh.spec b/SPECS/openssh.spec
index 6784355..0a4b2ea 100644
--- a/SPECS/openssh.spec
+++ b/SPECS/openssh.spec
@@ -66,7 +66,7 @@
 
 # Do not forget to bump pam_ssh_agent_auth release if you rewind the main package release to 1
 %global openssh_ver 8.0p1
-%global openssh_rel 3
+%global openssh_rel 4
 %global pam_ssh_agent_ver 0.10.3
 %global pam_ssh_agent_rel 7
 
@@ -216,6 +216,8 @@ Patch963: openssh-8.0p1-openssl-evp.patch
 Patch964: openssh-8.0p1-openssl-kdf.patch
 # Use new OpenSSL for PEM export to avoid MD5 dependency (#1712436)
 Patch965: openssh-8.0p1-openssl-pem.patch
+# Seed from dev/random if requested (#1785655)
+Patch966: openssh-8.0p1-entropy.patch
 
 License: BSD
 Group: Applications/Internet
@@ -431,6 +433,7 @@ popd
 %patch963 -p1 -b .openssl-evp
 %patch964 -p1 -b .openssl-kdf
 %patch965 -p1 -b .openssl-pem
+%patch966 -p1 -b .entropy
 
 %patch200 -p1 -b .audit
 %patch201 -p1 -b .audit-race
@@ -733,6 +736,9 @@ getent passwd sshd >/dev/null || \
 %endif
 
 %changelog
+* Wed Jan 08 2020 Jakub Jelen <jjelen@redhat.com> - 8.0p1-4 + 0.10.3-7
+- Restore entropy patch for CC certification (#1785655)
+
 * Tue Jul 23 2019 Jakub Jelen <jjelen@redhat.com> - 8.0p1-3 + 0.10.3-7
 - Fix typos in manual pages (#1668325)
 - Use the upstream support for PKCS#8 PEM files alongside with the legacy PEM files (#1712436)