diff --git a/fuzz-common.c b/fuzz-common.c
index d5fc9db4cd59945d83173844ba94023f17b71a53..4c5da70cf699fcc8b4fc9bb977b9d6fbeb9a611b 100644
--- a/fuzz-common.c
+++ b/fuzz-common.c
@@ -31,23 +31,7 @@ int fuzzer_set_input(const uint8_t *Data, size_t Size) {
 
     memset(&ses, 0x0, sizeof(ses));
     memset(&svr_ses, 0x0, sizeof(svr_ses));
-
-    // get prefix. input format is
-    // string prefix
-    //     uint32 wrapfd seed
-    //     ... to be extended later
-    // [bytes] ssh input stream
-
-    // be careful to avoid triggering buffer.c assertions
-    if (fuzz.input->len < 8) {
-        return DROPBEAR_FAILURE;
-    }
-    size_t prefix_size = buf_getint(fuzz.input);
-    if (prefix_size != 4) {
-        return DROPBEAR_FAILURE;
-    }
-    uint32_t wrapseed = buf_getint(fuzz.input);
-    wrapfd_setup(wrapseed);
+    wrapfd_setup();
 
     fuzz_seed();
 
diff --git a/fuzz-wrapfd.c b/fuzz-wrapfd.c
index c65ed38d252e626cd7e3125b743f226e74ef44a0..759ccbaf51793fa1f8b64afa8e84aa7a96df701c 100644
--- a/fuzz-wrapfd.c
+++ b/fuzz-wrapfd.c
@@ -26,13 +26,17 @@ static int wrap_used[IOWRAP_MAXFD+1];
 static unsigned int nused;
 static unsigned short rand_state[3];
 
-void wrapfd_setup(uint32_t seed) {
+void wrapfd_setup() {
 	TRACE(("wrapfd_setup %x", seed))
 	nused = 0;
 	memset(wrap_fds, 0x0, sizeof(wrap_fds));
 	memset(wrap_used, 0x0, sizeof(wrap_used));
 
 	memset(rand_state, 0x0, sizeof(rand_state));
+	wrapfd_setseed(50);
+}
+
+void wrapfd_setseed(uint32_t seed) {
 	*((uint32_t*)rand_state) = seed;
 	nrand48(rand_state);
 }
diff --git a/fuzz-wrapfd.h b/fuzz-wrapfd.h
index 9358c1a4b8cd9e509904dcfcaeb54985bdd58c55..04477b995fe4be2aedf29c3e56dc93c023b6b04a 100644
--- a/fuzz-wrapfd.h
+++ b/fuzz-wrapfd.h
@@ -10,7 +10,8 @@ enum wrapfd_mode {
     RANDOMIN,
 };
 
-void wrapfd_setup(uint32_t wrapseed);
+void wrapfd_setup();
+void wrapfd_setseed(uint32_t seed);
 // doesn't take ownership of buf. buf is optional.
 void wrapfd_add(int fd, buffer *buf, enum wrapfd_mode mode);
 
diff --git a/fuzz.h b/fuzz.h
index 8a5597620783ae47741404393e8d2906e42b4a66..ae1a3dcb8e9346b380ca510d8e290fcb60b96bc8 100644
--- a/fuzz.h
+++ b/fuzz.h
@@ -13,7 +13,8 @@
 void common_setup_fuzzer(void);
 void svr_setup_fuzzer(void);
 
-// once per input. returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE
+// must be called once per fuzz iteration. 
+// returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE
 int fuzzer_set_input(const uint8_t *Data, size_t Size);
 
 // fuzzer functions that intrude into general code
diff --git a/fuzzer-preauth.c b/fuzzer-preauth.c
index e1340da0b1cfcaa2810c7a07e3ee66f5886148ae..110624eba6075d77fdc14cb6c0f531baa800b711 100644
--- a/fuzzer-preauth.c
+++ b/fuzzer-preauth.c
@@ -19,6 +19,23 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
 		return 0;
 	}
 
+    // get prefix. input format is
+    // string prefix
+    //     uint32 wrapfd seed
+    //     ... to be extended later
+    // [bytes] ssh input stream
+
+    // be careful to avoid triggering buffer.c assertions
+    if (fuzz.input->len < 8) {
+        return 0;
+    }
+    size_t prefix_size = buf_getint(fuzz.input);
+    if (prefix_size != 4) {
+        return 0;
+    }
+    uint32_t wrapseed = buf_getint(fuzz.input);
+    wrapfd_setseed(wrapseed);
+
 	int fakesock = 1;
 	wrapfd_add(fakesock, fuzz.input, PLAIN);
 
diff --git a/fuzzer-pubkey.c b/fuzzer-pubkey.c
index bed0798c939d4f1290611cba16e53a693995cca4..a5ec96efdc9950a6c17f8c9781bb6a466091f5d7 100644
--- a/fuzzer-pubkey.c
+++ b/fuzzer-pubkey.c
@@ -14,26 +14,20 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
 		once = 1;
 	}
 
-	m_malloc_set_epoch(1);
-
-    fuzz_seed();
-    fuzz.input->data = (unsigned char*)Data;
-    fuzz.input->len = Size;
-    fuzz.input->size = Size;
-    fuzz.input->pos = 0;
+	if (fuzzer_set_input(Data, Size) == DROPBEAR_FAILURE) {
+		return 0;
+	}
 
-    if (Size < 4) {
-    	return 0;
-    }
+	m_malloc_set_epoch(1);
 
-    // choose a keytype based on input
-    uint8_t b = 0;
-    size_t i;
-    for (i = 0; i < Size; i++) {
-    	b ^= Data[i];
-    }
-    const char* algoname = fuzz_signkey_names[b%DROPBEAR_SIGNKEY_NUM_NAMED];
-    const char* keyblob = "fakekeyblob";
+	// choose a keytype based on input
+	uint8_t b = 0;
+	size_t i;
+	for (i = 0; i < Size; i++) {
+		b ^= Data[i];
+	}
+	const char* algoname = fuzz_signkey_names[b%DROPBEAR_SIGNKEY_NUM_NAMED];
+	const char* keyblob = "blob"; // keep short
 
 	if (setjmp(fuzz.jmp) == 0) {
 		fuzz_checkpubkey_line(fuzz.input, 5, "/home/me/authorized_keys",