The author of this post understands that private keys are never exchanged. Read it more carefully.
replyHow do you compare? What trusted channel do you use to retrieve the real public key?
replyPublic keys go over untrusted channels. That's why they're public.
replyI'm not confident you understand how crypto works.
You do realize the entire threat model here is a house of cards perched atop someone else's software hosted on someone else's hardware all of which you implicitly trust and discard in favor of some unlikely cloak and dagger interception scheme.
Public keys can go over channels that an attacker can read. They cannot go over channels that an attacker can modify. (Which would include the SSH connection itself, until such time as you’ve verified the key through a trustworthy channel.)
replyA public key is useless without the private key. Which the attacker in this unlikely scenario doesn't have.
replySo you login the first time and they either match, or they don't. If they don't you start over. The end.
Ignore the fact that most people will probably use the box to host a poorly coded vulnerable service anyway.
If you’re being MITM’d, they’ll also match, because you’ll end up connected to an environment of the attacker’s choosing.
reply> in favor of some unlikely cloak and dagger interception scheme
replysomeone who definitely understands how crypto works, describing the most basic possible MITM