E-Ink News Daily

Stop MITM on the first SSH connection, on any VPS or cloud provider

The article presents a novel method to prevent Man-in-the-Middle (MITM) attacks during the first SSH connection to a new VPS or cloud instance. The technique uses cloud-init to inject a temporary SSH host key, which is then used to securely establish the initial connection and retrieve the permanent host keys. This solution works across any cloud provider that supports cloud-init, addressing a common security vulnerability in cloud deployments.
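
The injection and pinning step of that technique, as an added example that is not code from the article: a temporary ed25519 host key is generated locally, passed to the instance through cloud-init's `ssh_keys` setting, and pinned in a dedicated known_hosts file so the first connection is verified instead of trusted on first use. The function names, file names and the `generate` argument are assumptions; this summary does not say how the article then retrieves the permanent host keys.

```shell
#!/usr/bin/env bash
# Added example; function names, file names and the "generate" mode are hypothetical.

# Print cloud-config that installs a pre-generated ed25519 host key pair.
# $1 = private key file, $2 = public key file
make_user_data() {
  printf '#cloud-config\nssh_keys:\n  ed25519_private: |\n'
  sed 's/^/    /' "$1"   # indent the key for the YAML block scalar
  printf '  ed25519_public: %s\n' "$(cut -d' ' -f1,2 "$2")"
}

# Print a known_hosts line pinning that key to a host (key comment dropped).
# $1 = hostname or IP, $2 = public key file
known_hosts_line() {
  printf '%s %s\n' "$1" "$(cut -d' ' -f1,2 "$2")"
}

# Usage: ./pin-first-ssh.sh generate <host>   (requires ssh-keygen)
if [ "${1:-}" = "generate" ]; then
  set -eu
  host=${2:?usage: $0 generate <host>}
  umask 077              # the key and user-data must not be world-readable
  dir=$(mktemp -d)
  ssh-keygen -q -t ed25519 -N '' -C temporary-host-key -f "$dir/tmp_host_key"
  # The private key travels in user-data, so it is only ever a temporary key.
  make_user_data "$dir/tmp_host_key" "$dir/tmp_host_key.pub" > "$dir/user-data.yaml"
  known_hosts_line "$host" "$dir/tmp_host_key.pub" > "$dir/known_hosts"
  echo "pass to the provider as user-data: $dir/user-data.yaml"
  # StrictHostKeyChecking=yes makes ssh refuse any host key other than the pinned one.
  echo "first connection: ssh -o UserKnownHostsFile=$dir/known_hosts -o StrictHostKeyChecking=yes user@$host"
fi
```

If the address is only assigned after the instance is created, `known_hosts_line` can be run at that point; the user-data does not depend on it.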

Background

SSH connections are vulnerable to MITM attacks during the first connection when the host key is unknown, as users typically accept the key without verification. This is particularly risky in cloud environments where infrastructure is ephemeral and frequently recreated.

Source: Lobsters
Published: May 8, 2026 at 07:26 PM
Score: 7.0 / 10