It asks that question when it encounters a host for which it doesn't have
the public key. The question basically means: Do you want to trust
this connection to give you the real hostkey? It's generally safer to
transport the keys via floppy or some other secure medium to ensure that
no one is modifing your datastream, but if your ok with the risks, it just
transfers the host public key to you. It then has the host's key and uses
that key to verify the host's identity.
Sending a password automatically detracts from the effectiveness of having
a password, so unless you get a hacked version of ssl, I'm pretty sure
that you cannot send a password very easily. You might be able to do it by
piping data to ssl at startup, but I'm not sure how to return the stream
to the console. Anyone know about this?
-=-=-=-=-=-=-=-Previous Message(s)-=-=-=-=-=-=-=-
> Hello
> I ahve just installed openssl on my lab I wonder whether an exprt
> could help me with the following
> queries:
>
> a) slogin xxx.yyy.zzz for the first time requests a yes or no answer
> regarding trusting the host. When
> I answer yes, what does it mean? Are all connections from now on
> secure?
> b) Is there a script that automatically slogin and send the password
> for an user?
>
> Thanks a lot.
>
> Eduardo
>
