Docs feedback: SSH keys suggestion is unsafe

This text:

Alternatively, use ssh-keyscan to scan the keys of your private server. Replace example.com with your private server's domain name. Repeat that command if you have more than one server to connect to.

  • ssh-keyscan example.com >> ~/.ssh/known_hosts
  • chmod 644 ~/.ssh/known_hosts

is bad security practice. It's as bad as ignoring host keys. If somebody hacks example.com and serves different host keys, they will just be accepted, perhaps dependent on the current content of known_hosts.

Also, the known_hosts file will get duplicate entries every time a job is run.
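For contrast, here is what a safe version of that step looks like. This is an added example, not code from the GitLab docs: it assumes the operator has recorded the server's host key fingerprint out of band (for instance from the server console) and stored it in a protected CI variable, so the output of ssh-keyscan is only appended once its fingerprint matches the pinned value, an existing entry for the same host with a different key is reported instead of silently accepted, and re-running the job does not duplicate the entry. The host key below is constructed for the example and is not any real server's key; the known_hosts handling covers plain (unhashed, unmarked) entries only.

```python
"""
Pin an ssh-keyscan result against an out-of-band fingerprint and add it to
known_hosts exactly once.  Added example, not GitLab's documentation; the
sample key is constructed, not a real host's.
"""
import base64
import hashlib
import struct
from typing import Tuple


def fingerprint_sha256(key_b64: str) -> str:
    """OpenSSH-style fingerprint: 'SHA256:' + unpadded base64 of sha256(key blob).
    This is the value `ssh-keygen -lf` prints for the same key."""
    blob = base64.b64decode(key_b64)
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def parse_keyscan_line(line: str) -> Tuple[str, str, str]:
    """Split a plain (unhashed) ssh-keyscan / known_hosts line into host, key type, base64 key."""
    parts = line.split()
    if len(parts) < 3:
        raise ValueError("not a host key line: %r" % line)
    return parts[0], parts[1], parts[2]


def pin_host_key(known_hosts: str, scanned_line: str, expected_fp: str) -> Tuple[bool, str, str]:
    """Return (accepted, new_known_hosts_text, reason).

    Unlike `ssh-keyscan host >> known_hosts`, the scanned key is only trusted
    when its fingerprint equals the one obtained out of band (expected_fp);
    an existing entry for the same host and key type with a different key is
    flagged rather than appended; an identical entry is not duplicated.
    """
    host, keytype, key_b64 = parse_keyscan_line(scanned_line)
    actual_fp = fingerprint_sha256(key_b64)
    if actual_fp != expected_fp:
        return False, known_hosts, "fingerprint mismatch for %s: got %s" % (host, actual_fp)

    for existing in known_hosts.splitlines():
        # Skip blanks, comments, hashed hostnames (|1|...) and @cert-authority/@revoked markers.
        if not existing.strip() or existing.startswith(("#", "|1|", "@")):
            continue
        e_host, e_type, e_key = parse_keyscan_line(existing)
        if host in e_host.split(",") and e_type == keytype:
            if e_key == key_b64:
                return True, known_hosts, "already present"
            return False, known_hosts, "different %s key already recorded for %s" % (keytype, host)

    entry = "%s %s %s" % (host, keytype, key_b64)
    if known_hosts and not known_hosts.endswith("\n"):
        known_hosts += "\n"
    return True, known_hosts + entry + "\n", "added"


def _ssh_string(data: bytes) -> bytes:
    """SSH wire-format string: 4-byte big-endian length followed by the bytes."""
    return struct.pack(">I", len(data)) + data


def make_ed25519_keyscan_line(host: str, raw_key: bytes) -> str:
    """Build a keyscan-style line from 32 raw key bytes.  Constructed test data only;
    in a real job this line is what `ssh-keyscan -t ed25519 host` returns."""
    blob = _ssh_string(b"ssh-ed25519") + _ssh_string(raw_key)
    return "%s ssh-ed25519 %s" % (host, base64.b64encode(blob).decode())


# Constructed stand-in for the server's host key (not a real key).
SCANNED_LINE = make_ed25519_keyscan_line("example.com", bytes(range(32)))
# The fingerprint the operator recorded out of band and stored in a protected
# CI variable; here derived from the constructed key so the example is self-contained.
EXPECTED_FP = fingerprint_sha256(SCANNED_LINE.split()[2])

if __name__ == "__main__":
    ok, kh, why = pin_host_key("", SCANNED_LINE, EXPECTED_FP)
    print(ok, why)                                   # True added
    ok, kh, why = pin_host_key(kh, SCANNED_LINE, EXPECTED_FP)
    print(ok, why)                                   # True already present (no duplicate)
    rogue = make_ed25519_keyscan_line("example.com", bytes(32))
    ok, kh, why = pin_host_key(kh, rogue, EXPECTED_FP)
    print(ok, why)                                   # False fingerprint mismatch ...
```

In a pipeline the scanned line would come from ssh-keyscan and EXPECTED_FP from a protected variable; a False result should fail the job rather than fall back to appending, since that is exactly the case where the server may be serving a key it should not.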
