Yes please. IMO, encryption without verification is as good as no encryption at all.
Also, note that even if we grant the assertion that MITM is impossible when using public key auth, you still can't trust data you obtain without checking the host key. That is, even if an attacker cannot steal your credentials and log in to the real server as you, they can pretend to be the server you wish to connect to and feed you bad data.
There are iOS apps that do this - iSSH and iTeleport both do, for instance.
Yes please. IMO, encryption without verification is as good as no encryption at all.
Also, note that even if we grant the assertion that MITM is impossible when using public key auth, you still can't trust data you obtain without checking the host key. That is, even if an attacker cannot steal your credentials and log in to the real server as you, they can pretend to be the server you wish to connect to and feed you bad data.
There are iOS apps that do this - iSSH and iTeleport both do, for instance.
Thanks for your consideration.