
ssh-keyscan: How to confirm that the public keys asked for and received are really authentic?

0 votes
0 answers
1769 views
In the **server**, the `/etc/ssh/` directory contains files such as:

```
ssh_host_rsa_key.pub
ssh_host_ecdsa_key.pub
ssh_host_ed25519_key.pub
```

They contain the public keys according to a key type, such as rsa, ecdsa, etc.

If in the **client** the following commands are executed:

```
# Retrieve and Show all the public keys content
ssh-keyscan 192.168.1.X

# Retrieve all the public keys content and Show the fingerprint of them
ssh-keyscan 192.168.1.X | ssh-keygen -lf -
```

The outputs are the public keys and the fingerprints respectively.

### Observation

* The data shown through the `ssh-keyscan` command comes from the files available in the `/etc/ssh` directory located in the server

### Concern

* I read on the web that the server could be replaced by a fake one OR the communication between the client/server can be intercepted and therefore compromised

So therefore, even if the following command is executed:

```
ssh-keyscan [-H] 192.168.1.X >> ~/home//public_keys
```

Where `public_keys` is a custom file just to keep the data received from the server and do a verification/analysis later.

So ...

**Question**

* How to confirm that the _public keys_ asked for and received through the `ssh-keygen` command are really authentic?

The purpose is to avoid executing `ssh-keyscan [-H] 192.168.1.X >> ~/.ssh/known_hosts` and adding tainted data to the `~/.ssh/known_hosts` file, and finally sending crucial data to a fake destination, starting with the _public key_ of the client itself.

I thought the admin of the server would share these `.pub` files with the client, through

* email
* an ftp access

and thus the client can:

* use the mentioned `public_keys` file to do a simple comparison with the content of the `.pub` files. Should be equal
* use the `ssh-keygen` command with the `-lvf` options to generate the fingerprint directly from the `.pub` files and do a quick comparison against the `ssh-keyscan 192.168.1.X | ssh-keygen -lf -` command. Should be equal too

It would be the most obvious approach at a first glance; perhaps for a "small" LAN/WAN it would make sense, but assuming the admin doesn't want to share these files due to some policy ... how to answer my question?

- Of course the other worst scenario is if the admin's email/ftp was compromised too.
Asked by Manuel Jordan (2108 rep)
Oct 6, 2022, 04:49 PM
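The two comparisons the question proposes, a byte-for-byte comparison of the out-of-band `.pub` file against the `ssh-keyscan` line and a comparison of their SHA256 fingerprints as `ssh-keygen -lf` prints them, as an added example that is not code from the post or from OpenSSH. The host `192.168.1.20` and the ed25519 key bytes are constructed test data, not real keys; the parser also accepts the `|1|salt|hash` host token that `ssh-keyscan -H` writes.

```python
import base64
import hashlib
import struct

KEY_TYPES = {"ssh-ed25519", "ssh-rsa", "ecdsa-sha2-nistp256",
             "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521"}

def ssh_string(data: bytes) -> bytes:
    """One length-prefixed SSH wire string (RFC 4251)."""
    return struct.pack(">I", len(data)) + data

def parse_key_line(line: str) -> tuple[str, bytes]:
    """(key_type, blob) from a .pub line or an ssh-keyscan/known_hosts line,
    whose first field is a host name or a |1|salt|hash token (from -H)."""
    fields = line.split()
    if len(fields) >= 2 and fields[0] in KEY_TYPES:
        key_type, b64 = fields[0], fields[1]
    elif len(fields) >= 3 and fields[1] in KEY_TYPES:
        key_type, b64 = fields[1], fields[2]
    else:
        raise ValueError(f"unrecognised key line: {line!r}")
    return key_type, base64.b64decode(b64, validate=True)

def fingerprint(blob: bytes) -> str:
    """What ssh-keygen -lf prints: SHA256 over the raw key blob, unpadded base64."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def compare_scan_to_trusted(scanned: list[str], trusted: list[str]) -> dict[str, str]:
    """Per key type shared out of band: "match", "MISMATCH" (a different key
    came back, i.e. a fake or intercepted host) or "missing"."""
    trusted_by_type = dict(map(parse_key_line, trusted))
    scanned_by_type = dict(map(parse_key_line, scanned))
    report = {}
    for key_type, blob in trusted_by_type.items():
        got = scanned_by_type.get(key_type)  # equal fingerprints <=> equal blobs
        report[key_type] = ("missing" if got is None else
                            "match" if fingerprint(got) == fingerprint(blob) else "MISMATCH")
    return report

def make_ed25519_pub(point: bytes) -> str:
    """Syntactically valid ssh-ed25519 .pub line from 32 bytes (constructed, not a real key)."""
    blob = ssh_string(b"ssh-ed25519") + ssh_string(point)
    return "ssh-ed25519 " + base64.b64encode(blob).decode()

# Constructed sample data: the admin's out-of-band .pub file, and two ssh-keyscan results from the constructed host 192.168.1.20 (genuine and swapped).
TRUSTED_PUB_FILES = [make_ed25519_pub(bytes(range(32)))]
SCANNED_GENUINE = ["192.168.1.20 " + TRUSTED_PUB_FILES[0]]
SCANNED_SWAPPED = ["192.168.1.20 " + make_ed25519_pub(bytes(32))]
```

A "MISMATCH" for any key type is the case the question worries about and is the point at which nothing from that scan should be appended to `~/.ssh/known_hosts`.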