diff -urN openssh-4.5p1.orig/ssh-add.c openssh-4.5p1/ssh-add.c
--- openssh-4.5p1.orig/ssh-add.c	2006-09-01 07:38:37.000000000 +0200
+++ openssh-4.5p1/ssh-add.c	2006-11-23 22:05:41.000000000 +0100
@@ -42,6 +42,7 @@
 #include <sys/param.h>
 
 #include <openssl/evp.h>
+#include <openssl/engine.h>
 
 #include <fcntl.h>
 #include <pwd.h>
@@ -343,6 +344,11 @@
 
 	SSLeay_add_all_algorithms();
 
+	/* Init available hardware crypto engines. */
+	ENGINE_load_builtin_engines();
+	ENGINE_register_all_complete();
+	ENGINE_set_default_ciphers(ENGINE_by_id("padlock"));
+
 	/* At first, get a connection to the authentication agent. */
 	ac = ssh_get_authentication_connection();
 	if (ac == NULL) {
diff -urN openssh-4.5p1.orig/ssh-agent.c openssh-4.5p1/ssh-agent.c
--- openssh-4.5p1.orig/ssh-agent.c	2006-10-23 19:01:16.000000000 +0200
+++ openssh-4.5p1/ssh-agent.c	2006-11-23 22:06:06.000000000 +0100
@@ -51,6 +51,7 @@
 
 #include <openssl/evp.h>
 #include <openssl/md5.h>
+#include <openssl/engine.h>
 
 #include <errno.h>
 #include <fcntl.h>
@@ -1044,6 +1045,11 @@
 
 	SSLeay_add_all_algorithms();
 
+	/* Init available hardware crypto engines. */
+	ENGINE_load_builtin_engines();
+	ENGINE_register_all_complete();
+	ENGINE_set_default_ciphers(ENGINE_by_id("padlock"));
+
 	__progname = ssh_get_progname(av[0]);
 	init_rng();
 	seed_rng();
diff -urN openssh-4.5p1.orig/ssh-keygen.c openssh-4.5p1/ssh-keygen.c
--- openssh-4.5p1.orig/ssh-keygen.c	2006-11-07 13:14:42.000000000 +0100
+++ openssh-4.5p1/ssh-keygen.c	2006-11-23 22:06:33.000000000 +0100
@@ -21,6 +21,7 @@
 
 #include <openssl/evp.h>
 #include <openssl/pem.h>
+#include <openssl/engine.h>
 
 #include <errno.h>
 #include <fcntl.h>
@@ -1074,6 +1075,12 @@
 	__progname = ssh_get_progname(av[0]);
 
 	SSLeay_add_all_algorithms();
+
+	/* Init available hardware crypto engines. */
+	ENGINE_load_builtin_engines();
+	ENGINE_register_all_complete();
+	ENGINE_set_default_ciphers(ENGINE_by_id("padlock"));
+
 	log_init(av[0], SYSLOG_LEVEL_INFO, SYSLOG_FACILITY_USER, 1);
 
 	init_rng();
diff -urN openssh-4.5p1.orig/ssh-keysign.c openssh-4.5p1/ssh-keysign.c
--- openssh-4.5p1.orig/ssh-keysign.c	2006-09-01 07:38:37.000000000 +0200
+++ openssh-4.5p1/ssh-keysign.c	2006-11-23 22:06:50.000000000 +0100
@@ -38,6 +38,7 @@
 #include <openssl/evp.h>
 #include <openssl/rand.h>
 #include <openssl/rsa.h>
+#include <openssl/engine.h>
 
 #include "xmalloc.h"
 #include "log.h"
@@ -195,6 +196,12 @@
 		fatal("could not open any host key");
 
 	SSLeay_add_all_algorithms();
+
+	/* Init available hardware crypto engines. */
+	ENGINE_load_builtin_engines();
+	ENGINE_register_all_complete();
+	ENGINE_set_default_ciphers(ENGINE_by_id("padlock"));
+
 	for (i = 0; i < 256; i++)
 		rnd[i] = arc4random();
 	RAND_seed(rnd, sizeof(rnd));
diff -urN openssh-4.5p1.orig/ssh.c openssh-4.5p1/ssh.c
--- openssh-4.5p1.orig/ssh.c	2006-10-23 19:01:16.000000000 +0200
+++ openssh-4.5p1/ssh.c	2006-11-23 22:08:48.000000000 +0100
@@ -72,6 +72,7 @@
 
 #include <openssl/evp.h>
 #include <openssl/err.h>
+#include <openssl/engine.h>
 
 #include "xmalloc.h"
 #include "ssh.h"
@@ -556,6 +557,11 @@
 	SSLeay_add_all_algorithms();
 	ERR_load_crypto_strings();
 
+	/* Init available hardware crypto engines. */
+	ENGINE_load_builtin_engines();
+	ENGINE_register_all_complete();
+	ENGINE_set_default_ciphers(ENGINE_by_id("padlock"));
+
 	/* Initialize the command to execute on remote host. */
 	buffer_init(&command);
 
diff -urN openssh-4.5p1.orig/sshd.c openssh-4.5p1/sshd.c
--- openssh-4.5p1.orig/sshd.c	2006-11-07 13:14:42.000000000 +0100
+++ openssh-4.5p1/sshd.c	2006-11-23 22:08:16.000000000 +0100
@@ -75,6 +75,7 @@
 #include <openssl/bn.h>
 #include <openssl/md5.h>
 #include <openssl/rand.h>
+#include <openssl/engine.h>
 #ifdef HAVE_SECUREWARE
 #include <sys/security.h>
 #include <prot.h>
@@ -1026,6 +1027,11 @@
 	for (i = 0; i < options.max_startups; i++)
 		startup_pipes[i] = -1;
 
+	/* Init available hardware crypto engines. */
+	ENGINE_load_builtin_engines();
+	ENGINE_register_all_complete();
+	ENGINE_set_default_ciphers(ENGINE_by_id("padlock"));
+
 	/*
 	 * Stay listening for connections until the system crashes or
 	 * the daemon is killed with a signal.
