Whenever a SSH connection is made, the server sends its key to the client,
and the client stores this key the first time a connection is made. In the
future, if someone has hijacked the server's IP address or something
equally nasty, they will (presumably) not have the same server SSH key
that your client received the first time, and your SSH client will warn
you about this. Generally, a host key will not change (though if a cluster
of systems share an IP address things could get complicated) and any time
it does change is a good reason to ask the remote side's sysadmin what's
up.
If you want to login without sending a password, look into
RSARhostsAuthentication, aka hostbased authentication. I'm not sure how
it's done in OpenSSH, but the SSH FAQ has detailed instructions for doing
it under SSH's brand of SSH.
--
Gregor Mosheh
[EMAIL PROTECTED]
Systems Admin, Humboldt Internet
707.825.4638
On Tue, 11 Jul 2000, Eduardo M. A. M. Mendes wrote:
> Hello
> I ahve just installed openssl on my lab I wonder whether an exprt
> could help me with the following
> queries:
>
> a) slogin xxx.yyy.zzz for the first time requests a yes or no answer
> regarding trusting the host. When
> I answer yes, what does it mean? Are all connections from now on
> secure?
> b) Is there a script that automatically slogin and send the password
> for an user?
>
> Thanks a lot.
>
> Eduardo
>
>
>
