~Mike.
today i have had several attempted "man in the middle" attacks on my SSH sessions. i am not sure which exit node(s) i was using, but the MD5 hash of the fingerprint of the spoofed host key is:
4d:64:6f:bc:bf:4a:fa:bd:ce:00:b0:8e:c9:40:60:57
and it does not matter which host i connect to, the MD5 hash presented it always the same.
just a heads up