I understand symmetric and asymmetric encryption basics, mostly from this great su post.
I believe if the server only asks me for pwd it is not implementing asymmetric encryption but symmetric?
And is then insecure to interchange information? What is the main pitfall? And what is the role of the password it prompts me to?
It seems the password would only be required to restrict access to those resources, as the public key could be used. But then I don’t get how the shared key is safely exchanged, and how my password itself is hidden.
