jcalvinowens 4 hours ago

You can also address TOFU to some extent using SSHFP DNS records.

OpenSSH supports checking the DNSSEC signature in the client, in theory, but it's a configure option and I'm not sure if distros build with it.
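
The SSHFP mechanism referred to in the comment above, as an added example that is not from this thread or from OpenSSH's code: it computes the records `ssh-keygen -r` would publish (algorithm number, fingerprint type, hash of the encoded key blob, per RFC 4255/6594/7479/8709) and then models the client-side decision, where a matching record only replaces the TOFU prompt when the DNS answer was DNSSEC-validated. The sample host key is constructed (its 32 key bytes are a counter, not a real Ed25519 point), and the state names returned by `check_host_key` are this example's own simplification, not OpenSSH's.

```python
import base64
import hashlib
import hmac
import struct

# Algorithm numbers from RFC 4255 (RSA, DSA), RFC 6594 (ECDSA), RFC 7479
# (Ed25519) and RFC 8709 (Ed448), keyed by the SSH key-type string.
SSHFP_ALGORITHM = {
    "ssh-rsa": 1,
    "ssh-dss": 2,
    "ecdsa-sha2-nistp256": 3,
    "ecdsa-sha2-nistp384": 3,
    "ecdsa-sha2-nistp521": 3,
    "ssh-ed25519": 4,
    "ssh-ed448": 6,
}
# Fingerprint types: 1 = SHA-1 (RFC 4255), 2 = SHA-256 (RFC 6594).
SSHFP_HASH = {1: hashlib.sha1, 2: hashlib.sha256}


def _ssh_string(data: bytes) -> bytes:
    """Encode bytes as an SSH wire-format string (4-byte big-endian length)."""
    return struct.pack(">I", len(data)) + data


def make_host_key_line(key_type: str, raw_key: bytes) -> str:
    """Build an OpenSSH public-key line ("<type> <base64 blob> <comment>")."""
    blob = _ssh_string(key_type.encode()) + _ssh_string(raw_key)
    return f"{key_type} {base64.b64encode(blob).decode()} host@example"


# Constructed sample host keys (assumption: not real keys). The 32 "key" bytes
# are a counter, which is fine because SSHFP only hashes the encoded blob.
SAMPLE_HOST_KEY = make_host_key_line("ssh-ed25519", bytes(range(32)))
TAMPERED_HOST_KEY = make_host_key_line("ssh-ed25519", bytes(range(1, 33)))


def key_blob(host_key_line: str) -> tuple[str, bytes]:
    """Return (key type, decoded key blob) from a host-key line, checking that
    the type string embedded in the blob agrees with the text type field."""
    key_type, b64 = host_key_line.split()[:2]
    blob = base64.b64decode(b64)
    (tlen,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + tlen] != key_type.encode():
        raise ValueError("key type field does not match key blob")
    return key_type, blob


def sshfp_records(host_key_line: str) -> list[tuple[int, int, str]]:
    """The (algorithm, fptype, hex fingerprint) triples `ssh-keygen -r` would
    emit for this key: the fingerprint is the hash of the whole key blob."""
    key_type, blob = key_blob(host_key_line)
    alg = SSHFP_ALGORITHM[key_type]
    return [(alg, fptype, h(blob).hexdigest())
            for fptype, h in sorted(SSHFP_HASH.items())]


def zone_lines(owner: str, host_key_line: str) -> list[str]:
    """Zone-file lines to publish for `owner` (a fully qualified name)."""
    return [f"{owner} IN SSHFP {alg} {fptype} {fp}"
            for alg, fptype, fp in sshfp_records(host_key_line)]


def check_host_key(host_key_line: str, records: list[tuple[int, int, str]],
                   dnssec_validated: bool) -> str:
    """Decide what a client should do with the key a server just presented.

    Simplified model of the VerifyHostKeyDNS decision (state names are this
    example's own):
      "trusted"          fingerprint matches and the answer was DNSSEC-validated
      "matched-insecure" fingerprint matches but the answer was not validated,
                         so it is no better than TOFU and the prompt still applies
      "mismatch"         records for this algorithm exist and none match
      "no-records"       nothing to compare against
    """
    computed = {(alg, fptype): fp
                for alg, fptype, fp in sshfp_records(host_key_line)}
    relevant = [r for r in records if (r[0], r[1]) in computed]
    if not relevant:
        return "no-records"
    # Constant-time comparison of hex digests; a hostile resolver controls `records`.
    matched = any(hmac.compare_digest(computed[(alg, fptype)], fp.lower())
                  for alg, fptype, fp in relevant)
    if not matched:
        return "mismatch"
    return "trusted" if dnssec_validated else "matched-insecure"


if __name__ == "__main__":
    for line in zone_lines("bastion.example.com.", SAMPLE_HOST_KEY):
        print(line)
    print(check_host_key(SAMPLE_HOST_KEY, sshfp_records(SAMPLE_HOST_KEY), True))
```

In practice the records come from `ssh-keygen -r host.example.com -f /etc/ssh/ssh_host_ed25519_key.pub` and the client is told to use them with `ssh -o VerifyHostKeyDNS=yes`; whether the answer counts as "validated" is exactly the question the rest of this sub-thread argues about, and `dig +dnssec SSHFP host.example.com` showing the `ad` flag is the quickest way to see what the local resolver is actually asserting.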

jsiepkes 4 hours ago | parent | next

On top of that you would need something to secure DNS. Like DNSSEC or at the very least use DNS with TLS or DNS over HTTP. None of these are typically enabled by default.

jcalvinowens 3 hours ago | parent

Anything that uses systemd-resolved is probably doing DNSSEC validation by default. It's becoming much more common.

Additionally, as I mentioned, OpenSSH itself has support for validating the DNSSEC signature even if your local resolver doesn't. I actually don't think it can use the standard resolver for SSHFP records at all, but I'm not sure.

fc417fc802 2 hours ago | parent | prev

Any idea if there's a standardized location, something like /.well-known/ssh?