Fingerprints

Since SSH architecture does not recognize certificates and has no other way to check whether the remote server is really the server you are expecting to be connected to, your decision to accept the connection or not is based solely on trust.

You normally use SSH as follows: if you have connected to a remote server once and you are sure that this is the server you wish to connect to, you should save fingerprint information locally. Every time you reconnect, you should check whether the fingerprint data matches the information you stored to make sure that nobody is "in between". Fingerprint information is unique for different servers and is generated by the server's private key.