I'm no security expert, and I know what I'm gonna say is bad, but I don't find host key verification to be the most important part of securing client tools like Cargo; rather the opposite: to me, it's the last thing you have to secure.
I believe the potential for attack only exists in a tiny specific case where the initial connection was trusted and successful, and an attacker goes through some trouble just to impersonate the server, when we forget one important thing, that the initial connection "trust" was extremely weak, like just prompting the user for confirmation, providing information that is shrugged off by 95% of users because they don't know what to check or what is expected of them. So MITM could happen in the initial connection, and host key verification would have achieved nothing.
But it's entirely possible that I've completely misunderstood this verification, because I've never really looked into it.
From what I can gather, ssh host key verification is just a way of doing pre-shared key authentication (of the server) that is easy to bypass (by design) in case you decide you don't care.
In an ideal world everyone everywhere has a side-channel through which they can affirmatively correlate host keys, for example getting a new VM in Azure would tell you its host key fingerprint along with login details. In the real world nobody does check, but if you really wanted to or if your application is sensitive enough, you can, and without having to enable an option/use a different binary/etc.
Recently I redeployed one of my VMs and the host key was regenerated, and it turns out ssh straight up tells you how to invalidate the host key cache. It has big bold warnings of course but we all know how that works.
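Added example, not part of the thread: a Python sketch of the side-channel check discussed above, comparing the key cached in `known_hosts` for a host against a fingerprint obtained out of band. The host names, key blobs, salt and helper names are constructed for illustration, and plain host fields are matched as exact names only.

```python
import base64, hashlib, hmac, struct

def fingerprint(key_b64):
    """Fingerprint as OpenSSH prints it: unpadded base64 of SHA-256 over the key blob."""
    digest = hashlib.sha256(base64.b64decode(key_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def host_matches(field, host):
    """Match a known_hosts host field: hashed (|1|salt|hmac) or a plain comma list."""
    if field.startswith("|1|"):
        _, _, salt, mac = field.split("|")
        want = hmac.new(base64.b64decode(salt), host.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(want, base64.b64decode(mac))
    return host in field.split(",")  # simplification: exact names, no wildcards

def check_host(known_hosts_text, host, trusted_fp):
    """Return 'match', 'mismatch' or 'unknown' against an out-of-band fingerprint."""
    result = "unknown"
    for line in known_hosts_text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0][0] in "#@":
            continue  # skip blanks, comments and @cert-authority/@revoked lines
        if not host_matches(fields[0], host):
            continue
        if fingerprint(fields[2]) == trusted_fp:
            return "match"
        result = "mismatch"  # host is cached, but with a different key
    return result

# --- constructed sample data: key-shaped blobs, not real server keys ---
def _blob(seed):
    key = bytes((seed + i) % 256 for i in range(32))
    raw = struct.pack(">I", 11) + b"ssh-ed25519" + struct.pack(">I", 32) + key
    return base64.b64encode(raw).decode()

def _hashed(host, salt=b"constructed-salt-20b"):
    mac = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(), base64.b64encode(mac).decode())

KEY_A, KEY_B = _blob(1), _blob(2)
KNOWN_HOSTS = "\n".join([
    "# constructed known_hosts sample",
    "vm1.example.test,192.0.2.10 ssh-ed25519 " + KEY_A,
    _hashed("vm2.example.test") + " ssh-ed25519 " + KEY_B,
])

if __name__ == "__main__":
    # Stand-in for a fingerprint read from a provider console or serial log.
    print(check_host(KNOWN_HOSTS, "vm1.example.test", fingerprint(KEY_A)))
```

A `mismatch` result means the cached key differs from the out-of-band value, which is the case to investigate before clearing the cache entry.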