--- openssh-5.2p1/ssh-add.c
+++ openssh-5.2p1/ssh-add.c
@@ -43,6 +43,7 @@
 
 #include <openssl/evp.h>
 #include "openbsd-compat/openssl-compat.h"
+#include <openssl/engine.h>
 
 #include <fcntl.h>
 #include <pwd.h>
@@ -344,6 +345,10 @@
 
 	SSLeay_add_all_algorithms();
 
+	/* Init available hardware crypto engines. */
+	ENGINE_load_builtin_engines();
+	ENGINE_register_all_complete();
+
 	/* At first, get a connection to the authentication agent. */
 	ac = ssh_get_authentication_connection();
 	if (ac == NULL) {
--- openssh-5.2p1/ssh-agent.c
+++ openssh-5.2p1/ssh-agent.c
@@ -52,6 +52,7 @@
 #include <openssl/evp.h>
 #include <openssl/md5.h>
 #include "openbsd-compat/openssl-compat.h"
+#include <openssl/engine.h>
 
 #include <errno.h>
 #include <fcntl.h>
@@ -1076,6 +1077,10 @@
 
 	SSLeay_add_all_algorithms();
 
+	/* Init available hardware crypto engines. */
+	ENGINE_load_builtin_engines();
+	ENGINE_register_all_complete();
+
 	__progname = ssh_get_progname(av[0]);
 	init_rng();
 	seed_rng();
--- openssh-5.2p1/ssh-keygen.c
+++ openssh-5.2p1/ssh-keygen.c
@@ -22,6 +22,7 @@
 #include <openssl/evp.h>
 #include <openssl/pem.h>
 #include "openbsd-compat/openssl-compat.h"
+#include <openssl/engine.h>
 
 #include <errno.h>
 #include <fcntl.h>
@@ -1099,6 +1100,11 @@
 	__progname = ssh_get_progname(argv[0]);
 
 	SSLeay_add_all_algorithms();
+
+	/* Init available hardware crypto engines. */
+	ENGINE_load_builtin_engines();
+	ENGINE_register_all_complete();
+
 	log_init(argv[0], SYSLOG_LEVEL_INFO, SYSLOG_FACILITY_USER, 1);
 
 	init_rng();
--- openssh-5.2p1/ssh-keysign.c
+++ openssh-5.2p1/ssh-keysign.c
@@ -38,6 +38,7 @@
 #include <openssl/evp.h>
 #include <openssl/rand.h>
 #include <openssl/rsa.h>
+#include <openssl/engine.h>
 
 #include "xmalloc.h"
 #include "log.h"
@@ -195,6 +196,11 @@
 		fatal("could not open any host key");
 
 	SSLeay_add_all_algorithms();
+
+	/* Init available hardware crypto engines. */
+	ENGINE_load_builtin_engines();
+	ENGINE_register_all_complete();
+
 	for (i = 0; i < 256; i++)
 		rnd[i] = arc4random();
 	RAND_seed(rnd, sizeof(rnd));
--- openssh-5.2p1/ssh.c
+++ openssh-5.2p1/ssh.c
@@ -73,6 +73,7 @@
 #include <openssl/err.h>
 #include "openbsd-compat/openssl-compat.h"
 #include "openbsd-compat/sys-queue.h"
+#include <openssl/engine.h>
 
 #include "xmalloc.h"
 #include "ssh.h"
@@ -550,6 +551,10 @@
 	SSLeay_add_all_algorithms();
 	ERR_load_crypto_strings();
 
+	/* Init available hardware crypto engines. */
+	ENGINE_load_builtin_engines();
+	ENGINE_register_all_complete();
+
 	/* Initialize the command to execute on remote host. */
 	buffer_init(&command);
 
--- openssh-5.2p1/sshd.c
+++ openssh-5.2p1/sshd.c
@@ -77,6 +77,7 @@
 #include <openssl/md5.h>
 #include <openssl/rand.h>
 #include "openbsd-compat/openssl-compat.h"
+#include <openssl/engine.h>
 
 #ifdef HAVE_SECUREWARE
 #include <sys/security.h>
@@ -1415,6 +1416,10 @@
 
 	SSLeay_add_all_algorithms();
 
+	/* Init available hardware crypto engines. */
+	ENGINE_load_builtin_engines();
+	ENGINE_register_all_complete();
+
 	/*
 	 * Force logging to stderr until we have loaded the private host
 	 * key (unless started from inetd)