
Topic: All the best - Twenty years of NetBSD

By .,.-,.-,.-,-.,.-, on Sun, 24 March 2013 at 19:21

NetBSD apparently didn't want to leave Debian standing out in the rain all alone. :-)

http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2013-003.txt.asc

"(...) Due to a programming error, pseudorandom numbers supplied with a warning of "insufficient entropy at creation" may only contain sizeof(int) bits of cryptographic randomness.

(...) All cryptographic keys generated on NetBSD 6 or NetBSD-current (prior to 2013-01-27) systems should be regenerated, unless it is certain that the system in question cannot have suffered a low-entropy condition when the keys were generated.

In particular, since ECDSA ssh host keys are new in NetBSD 6 and are generated by /etc/rc.d/sshd at system boot if not yet present, it is likely that for systems that have been updated to NetBSD 6.0 or a netbsd-6 branch kernel before the fix date, ECDSA host keys have being considerably weakened by lack of actual randomness, especially since with little system uptime stack contents will be more predictable than later.

For systems newly set up with NetBSD 6, all ssh host keys are suspect.

Other persistent cryptographic secrets (for example, SSH or SSL keys of
any type) generated using /dev/urandom on NetBSD 6 systems which may have
had insufficient entropy at key generation time may be impacted and should
be regenerated."
