hi @schoen
Thanks for sharing. Learn soemething new every day!
Usually our customers know the host RSA keys (this is part of the onboarding process)
E.g.
Customer A
- please give me your public SSH key
- here is my host key - if you see anything but my host key do not trust it
- ssh allows for the host key to be specified in the connect string (which is equivalent to PKI validation)
e.g
“open sftp://xxx:xxxx@YYYY/ -hostkey=”“ssh-rsa 2048 02:12:8a:3a:4d:e4:60:1b:9a:3c:13:33:f3:85:e7:7f”""
Andrei