by flumpcakes 46 days ago
> Couldn’t the MITM ssh server just forward the client’s fingerprint to the legitimate server?

Fingerprints are derived from the certificates/private keys. Unless I don't understand some basic crypto, or SSH works in some obtuse way, I do not think it would be possible for the MITM attacker to present the server with the true client's fingerprint unless they also had the client's private key.


To try to add some explanation here: the server doesn't send the fingerprint. The server sends the public key, your computer just shows a fingerprint because it's more human-friendly and sufficiently secure.

If they forward the real key, so it matches the fingerprint, and you use it, they can't MITM the request because they can't read the contents.

> Fingerprints are derived from the certificates/private keys

SSH fingerprints are derived from the public key. https://superuser.com/a/453022
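To make the point of the two replies above concrete (the server sends its public key, and the fingerprint is just a hash of that key), here is an added example that is not part of the thread: it builds an OpenSSH-format `ssh-ed25519` public-key line from constructed key bytes (not a real key), computes the `SHA256:` and legacy `MD5:` fingerprints exactly as `ssh-keygen -l` does (hash of the base64-decoded key blob), and checks a fingerprint against a value obtained out of band. Everything here uses the Python standard library; the key bytes and the comment string are assumptions for illustration.

```python
from __future__ import annotations

import base64
import hashlib
import hmac
import struct


def ssh_string(data: bytes) -> bytes:
    """Encode bytes as an SSH 'string' (RFC 4251): 4-byte big-endian length + data."""
    return struct.pack(">I", len(data)) + data


def build_ed25519_pubkey_line(raw32: bytes, comment: str = "constructed@example") -> str:
    """Build an authorized_keys / known_hosts style line for an Ed25519 public key.

    The base64 blob is the wire format: string "ssh-ed25519" followed by the
    32 raw public-key bytes. No private key is involved at any point.
    """
    if len(raw32) != 32:
        raise ValueError("Ed25519 public keys are exactly 32 bytes")
    blob = ssh_string(b"ssh-ed25519") + ssh_string(raw32)
    return f"ssh-ed25519 {base64.b64encode(blob).decode()} {comment}"


def parse_pubkey_line(line: str) -> tuple[str, bytes]:
    """Return (key type, decoded blob) and check the blob's embedded type matches."""
    fields = line.split()
    if len(fields) < 2:
        raise ValueError("expected '<type> <base64-blob> [comment]'")
    blob = base64.b64decode(fields[1], validate=True)
    (length,) = struct.unpack(">I", blob[:4])
    key_type = blob[4:4 + length].decode()
    if key_type != fields[0]:
        raise ValueError(f"type field {fields[0]!r} does not match blob type {key_type!r}")
    return key_type, blob


def sha256_fingerprint(line: str) -> str:
    """OpenSSH default fingerprint: 'SHA256:' + unpadded base64 of SHA-256(blob)."""
    _, blob = parse_pubkey_line(line)
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def md5_fingerprint(line: str) -> str:
    """Legacy fingerprint (ssh-keygen -E md5): colon-separated hex of MD5(blob)."""
    _, blob = parse_pubkey_line(line)
    return "MD5:" + ":".join(f"{b:02x}" for b in hashlib.md5(blob).digest())


def fingerprint_matches(line: str, expected_sha256: str) -> bool:
    """Compare the key's fingerprint with one published out of band (constant time)."""
    return hmac.compare_digest(sha256_fingerprint(line), expected_sha256)


# Constructed sample: 32 arbitrary bytes standing in for a public key (not a real key).
SAMPLE_RAW = bytes(range(32))
SAMPLE_LINE = build_ed25519_pubkey_line(SAMPLE_RAW)

if __name__ == "__main__":
    print(SAMPLE_LINE)
    print(sha256_fingerprint(SAMPLE_LINE))
    print(md5_fingerprint(SAMPLE_LINE))
    # Anyone holding the public key can reproduce this fingerprint; knowing it
    # says nothing about possessing the matching private key.
    print(fingerprint_matches(SAMPLE_LINE, sha256_fingerprint(SAMPLE_LINE)))
```

Because the fingerprint is computed purely from the public blob, a relay that forwards the genuine public key produces a matching fingerprint, which is why the comparison only tells you which key you are talking to; proving possession of the private key is the job of the key exchange and signature steps, not the fingerprint check.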

Ah thanks for the explanation. It’s been a long long time since I’ve delved this deeply into the topic.