Do not echo chars when asked for (yes/no)

Simon Matter simon.matter at
Mon May 31 17:06:41 EST 2010


In the last decade using openssh I remember only one thing that I hope it
could be changed: Logging in to a host which is not yet known in my
.ssh/known_hosts it asks me something like

The authenticity of host 'xhost (' can't be established.
RSA key fingerprint is c2:6b:6c:55:8a:1b:6b:13:8c:f1:b3:ef:65:67:a3:a7.
Are you sure you want to continue connecting (yes/no)?

That's all fine but if I'm doing it from a foreign client connecting to my
own server, and a number of peoples looking over my shoulders, and me not
realizing the question, I may blindly start typing the password instead of
'yes', and everybody can read it on the screen.

I know that's me being stupid, and maybe no one else has done such
mistakes, but it has happened to me in the passed years and I wondered if
it would make sense to not echo the yes/no but instead print * or
something to prevent such stupid things to happen.

Have others been in the same situation and what do you think?


More information about the openssh-unix-dev mailing list