> > 	it looks that "openssl genrsa" chews extremely high amount of
> > 	pseudo random numbers from /dev/urandom.  i'm still not sure about why.
>The problem is it treats /dev/urandom as a regular files that has an EOF; it
>requests to read "the whole file".  Obviously, that doens't work so well for
>a bottomless pit.
>/dev/urandom needs to be treated more like the "EGD" socket in OpenSSL.

	hmm, maybe i'm the culprit.  i've pulled openbsd change to
	open /dev/urandom on RAND_file_name failure (see
	crypto/dist/openssl/crypto/rand/randfile.c).  i should back it out.

itojun