Hi,
In the last decade using openssh I remember only one thing that I hope it
could be changed: Logging in to a host which is not yet known in my
.ssh/known_hosts it asks me something like
The authenticity of host 'xhost (192.168.100.1)' can't be
established.
RSA key fingerprint is c2:6b:6c:55:8a:1b:6b:13:8c:f1:b3:ef:65:67:a3:a7.
Are you sure you want to continue connecting (yes/no)?
That's all fine but if I'm doing it from a foreign client connecting to
my
own server, and a number of peoples looking over my shoulders, and me not
realizing the question, I may blindly start typing the password instead of
'yes', and everybody can read it on the screen.
I know that's me being stupid, and maybe no one else has done such
mistakes, but it has happened to me in the passed years and I wondered if
it would make sense to not echo the yes/no but instead print * or
something to prevent such stupid things to happen.
Have others been in the same situation and what do you think?
Regards,
Simon
