krautsauer 6 hours ago

SSH waits for the server key before it presents the client keys, right? Does this mean that different VMs from different users have the same key? (Or rather, all VMs have the same key? A quick look shows s00{1,2,3}.exe.xyz all having the same key.) So this is full MitM?

unsnap_biceps 4 hours ago

You are correct, but I expect they instruct their users to run with host key validation disabled (StrictHostKeyChecking=no UserKnownHostsFile=/dev/null), as they expect these are ephemeral instances.

cortesoft 6 hours ago

I mean, anytime you use the cloud for anything, you are giving MITM capabilities to the hosting provider. It is their hardware, their hypervisors... they can access anything inside the VMs.

rwmj 2 hours ago

Not if it's using Confidential Computing. Then you're trusting "only" the CPU vendor (plus probably the government of the country where that vendor is located), but you're trusting the CPU already.

yaur 5 hours ago

This approach doesn't give access from the hypervisor to your private keys; it gives access to other tenants to your private keys.

TZubiri 5 hours ago

I think the vulnerability would be that not only the host can now MITM, but other co-tenants would have the capability to bypass that MiTM protection.
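
The "same key on several hosts" check from the top comment, as an added example that is not part of any comment in this thread: it groups `ssh-keyscan`-style lines by host key fingerprint and reports keys presented by more than one host. The host names and key blobs are constructed sample data, and `shared_host_keys` is a hypothetical helper name.

```python
import base64
import binascii
import hashlib
import struct
from collections import defaultdict


def fingerprint(b64_blob: str) -> str:
    """OpenSSH-style SHA256 fingerprint of a base64 public key blob."""
    digest = hashlib.sha256(base64.b64decode(b64_blob, validate=True)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def shared_host_keys(keyscan_text: str) -> dict:
    """Map 'keytype fingerprint' -> hosts, for keys seen on more than one host."""
    hosts_by_key = defaultdict(set)
    for line in keyscan_text.splitlines():
        fields = line.split()
        # Skip blanks, comments and known_hosts marker lines (@revoked, ...).
        if len(fields) < 3 or fields[0][0] in "#@":
            continue
        names, key_type, blob = fields[:3]
        try:
            fp = fingerprint(blob)
        except (binascii.Error, ValueError):
            continue  # malformed key field
        # A comma-separated name list is aliases of one host: keep it as one entry.
        hosts_by_key[(key_type, fp)].add(names)
    return {f"{kt} {fp}": sorted(h)
            for (kt, fp), h in hosts_by_key.items() if len(h) > 1}


def _constructed_blob(seed: bytes) -> str:
    """Constructed ed25519-shaped blob for the sample below (not a real key)."""
    def s(b): return struct.pack(">I", len(b)) + b
    raw = s(b"ssh-ed25519") + s(hashlib.sha256(seed).digest())
    return base64.b64encode(raw).decode()


SHARED, UNIQUE = _constructed_blob(b"shared"), _constructed_blob(b"unique")
SAMPLE = "\n".join([  # constructed sample in ssh-keyscan output format
    "# vm1.example.test:22 SSH-2.0-OpenSSH_9.6",
    f"vm1.example.test ssh-ed25519 {SHARED}",
    f"vm2.example.test ssh-ed25519 {SHARED}",
    f"vm3.example.test,192.0.2.7 ssh-ed25519 {UNIQUE}",
    "vm4.example.test ssh-ed25519 not*base64",
])

if __name__ == "__main__":
    for key, hosts in shared_host_keys(SAMPLE).items():
        print(key, "->", ", ".join(hosts))
```

A non-empty result means the listed hosts cannot be told apart by host key, so host key verification says nothing about which of them answered.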