我有一台位于美国的服务器，并从世界各地通过 SSH 连接到它。当我从以前从未使用过的计算机上 SSH 时，我会看到如下内容：

The authenticity of host 'my.usa.server.com (11.22.33.44)' can't be established.
RSA key fingerprint is xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:b8:1d:61.
Are you sure you want to continue connecting (yes/no)? 

在世界上大多数地方，RSA 指纹都是相同的，这是有道理的，因为我总是连接到同一台服务器：

[来自瑞典的服务器]

me@sweden:~$ ssh myaccount@my.usa.server.com
The authenticity of host 'my.usa.server.com (11.22.33.44)' can't be established.
RSA key fingerprint is xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:b8:1d:61.
Are you sure you want to continue connecting (yes/no)? 
me@sweden:~$

[来自荷兰的服务器]

me@nl:~$ ssh myaccount@my.usa.server.com
The authenticity of host 'my.usa.server.com (11.22.33.44)' can't be established.
RSA key fingerprint is xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:b8:1d:61.
Are you sure you want to continue connecting (yes/no)? 
me@nl:~$

[来自美国的服务器]

me@otherusaserver:~$ ssh myaccount@my.usa.server.com
The authenticity of host 'my.usa.server.com (11.22.33.44)' can't be established.
RSA key fingerprint is xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:b8:1d:61.
Are you sure you want to continue connecting (yes/no)? 
me@otherusaserver:~$

但是，当我尝试从中国的服务器连接时，密钥指纹不同：

me@chinaserver:~$ ssh myaccount@my.usa.server.com
The authenticity of host 'my.usa.server.com (11.22.33.44)' can't be established.
ECDSA key fingerprint is xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:d8:0f:01.
Are you sure you want to continue connecting (yes/no)? 
me@chinaserver:~$

请注意，密钥和密码是不同的。需要注意的是，我拥有中国物理服务器和它所在的房间，所以我可以确定服务器硬件是安全的。

这是否意味着上游的某个人，例如中国政府或 ISP（中国电信）正在进行某种 MITM 攻击？