There's asynchronous encryption being used in SSH, meaning that there's a pair of keys. The private one is known by the server only. The public one is the one you see (actually you see only fingerprint of it). The two key are mathematically related in a way that something encrypted using either of them can be decoded using the latter one only. So SSH client (like WinSCP) encrypts everything it sends to the server using its public key (the host key), which ensures that only the proper server can decode it, as it is the only one knowing the private key. So there's no problem for the fake server to send you forged host key of another server. Problem is that it would not be able to decode anything the SSH clients sends to it (including your password), as it does not know the related private key.

Hi Martin,

I'm sitting with a dilemma in trusting a server's Host Key fingerprint before password exchange.

Support Text: "To prevent this attack, each server has a unique identifying code, called a host key. These keys are created in a way that prevents one server from forging another server's key. So if you connect to a server and it sends you a different host key from the one you were expecting, PuTTY can warn you that the server may have been switched and that a spoofing attack might be in progress."

My question/s is/are in what way is the keys created that prevent a server from forging's another server's host key?

If I have another server's host key I can spoof being that server if I can intercept clients logging into that server, correct?

What mechanism can actually prevent this and how would the client actually still authenticate a server before logging on to it?

Thanks, :mrgreen: