FiloSottile/whoami.filippo.io

Provide SSH host key fingerprint(s) in the README

ernstki opened this issue · 1 comments

Thousands of people answered "yes" to

The authenticity of host 'whoami.filippo.io (96.246.192.163)' can't be established.
RSA key fingerprint is SHA256:O6zDQjQws92wQSA41wXusKquKMuugPVM/oBZXNmfyvI.
Are you sure you want to continue connecting (yes/no)? no

when first connecting to your server.

Here's a chance to perform another valuable public service—on top of encouraging good public key hygiene—by subtly reminding people in whoami's README that they shouldn't ignore these warnings, but rather actually verify the fingerprints with the server administrator.

For example, GitHub puts their host key fingerprints on their website, and every upstanding company in the business of providing services over SSH hosting should do the same.

We wouldn't create permanent exceptions for broken SSL/TLS certificates on our banks' web sites, would we? Super! Browsers have scary warnings about certificate errors for the same reasons that SSH clients have scary warnings about host fingerprints. It's kind of a big deal.

You are a gentleman and a scholar. Thanks. :)
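The check the issue asks readers to make, as an added example that is not part of the original issue or of the whoami project: compute the OpenSSH SHA256 fingerprint of a host key line in `ssh-keyscan` format (`host keytype base64-blob`) and compare it with a fingerprint published out of band. The function names, `host.example` and the sample key are assumptions constructed for illustration; the published value is the fingerprint quoted in the prompt above.

```python
import base64
import hashlib
import hmac
import struct

# Fingerprint quoted in the issue's SSH prompt, standing in for a README value.
PUBLISHED = "SHA256:O6zDQjQws92wQSA41wXusKquKMuugPVM/oBZXNmfyvI"


def fingerprint(keyscan_line: str) -> str:
    """Return the OpenSSH SHA256 fingerprint for a 'host keytype base64' line."""
    fields = keyscan_line.split()
    if len(fields) < 3:
        raise ValueError("expected: host keytype base64-blob")
    key_type = fields[1]
    blob = base64.b64decode(fields[2], validate=True)
    # The blob begins with its own length-prefixed key type; a line whose
    # declared type disagrees with the blob is malformed or tampered with.
    if len(blob) < 4:
        raise ValueError("key blob too short")
    (name_len,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + name_len] != key_type.encode():
        raise ValueError("key type does not match key blob")
    digest = hashlib.sha256(blob).digest()
    # OpenSSH prints the digest as standard base64 with the padding removed.
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def matches_published(keyscan_line: str, published: str = PUBLISHED) -> bool:
    """True only if the scanned key hashes to the published fingerprint."""
    return hmac.compare_digest(fingerprint(keyscan_line).encode(),
                               published.encode())


def sample_line(host: str = "host.example") -> str:
    """Constructed sample: an ed25519-shaped blob with a dummy 32-byte key."""
    def ssh_string(data: bytes) -> bytes:
        return struct.pack(">I", len(data)) + data
    blob = ssh_string(b"ssh-ed25519") + ssh_string(bytes(range(32)))
    return f"{host} ssh-ed25519 {base64.b64encode(blob).decode()}"


if __name__ == "__main__":
    line = sample_line()
    print(fingerprint(line))
    # The constructed key is not the server's key, so this reports a mismatch.
    print("match" if matches_published(line) else "MISMATCH: do not connect")
```

The comparison is only as trustworthy as the channel the published fingerprint came from, which is why the issue asks for it to be in the README rather than taken from the connection being verified.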