
SSH fingerprints can also be provided via DNS with the SSHFP[0] DNS record, which coupled with DNSSEC and supposing you trust the DNS root and intermediate entities (whether that's IANA/ICANN, or alternatives like OpenNIC or Namecoin) allows you to check the SSH server fingerprints without HTTPS. At some point you probably need to trust someone anyway.

Or you can always get the fingerprint out of band. If it's some friend granting you SSH access to their server, or a vendor, or whatever, you can ask them to write the fingerprint on a piece of paper and give it to you, with you checking that the paper comes from them and then checking them.

[0]: https://datatracker.ietf.org/doc/html/rfc4255
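A worked version of the SSHFP check described in the comment above, added here as an example and not code from the thread: it derives the SSHFP record data for a host key (the digest is over the raw key blob, as RFC 4255 specifies) and compares it with a zone-file style record. The ed25519 key, the hostname `example.invalid` and the record are constructed for the demo; the code only does the fingerprint comparison, and whether the record itself can be trusted still depends on the resolver validating it with DNSSEC (OpenSSH applies that condition itself via `VerifyHostKeyDNS`).

```python
import base64
import hashlib
import struct

# SSHFP algorithm numbers (RFC 4255, RFC 6594, RFC 7479, RFC 8709)
SSHFP_ALGO = {"ssh-rsa": 1, "ssh-dss": 2, "ecdsa-sha2-nistp256": 3,
              "ecdsa-sha2-nistp384": 3, "ecdsa-sha2-nistp521": 3,
              "ssh-ed25519": 4, "ssh-ed448": 6}
# SSHFP fingerprint types: 1 = SHA-1 (RFC 4255), 2 = SHA-256 (RFC 6594)
SSHFP_HASH = {1: hashlib.sha1, 2: hashlib.sha256}

def sshfp_rdata(keytype, b64blob, fptype=2):
    """(algorithm, fptype, hex fingerprint) for one host key; the digest
    covers the raw SSH public key blob, i.e. the base64-decoded field."""
    blob = base64.b64decode(b64blob)
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n] != keytype.encode():
        raise ValueError("key blob does not match declared key type")
    return SSHFP_ALGO[keytype], fptype, SSHFP_HASH[fptype](blob).hexdigest()

def parse_sshfp(line):
    """Parse a zone-file style line: 'host. IN SSHFP 4 2 <hex>'."""
    f = line.split()
    i = f.index("SSHFP")
    # zone files may break a long fingerprint across whitespace
    return int(f[i + 1]), int(f[i + 2]), "".join(f[i + 3:]).lower()

def verify_host_key(keyscan_line, sshfp_lines):
    """True if some SSHFP record matches the key on an ssh-keyscan line."""
    _host, keytype, b64 = keyscan_line.split()[:3]
    for rec in sshfp_lines:
        algo, fptype, fp = parse_sshfp(rec)
        if fptype not in SSHFP_HASH or algo != SSHFP_ALGO.get(keytype):
            continue  # unknown hash, or a record for another key algorithm
        if sshfp_rdata(keytype, b64, fptype) == (algo, fptype, fp):
            return True
    return False

# Constructed sample ed25519 host key (wire format: string "ssh-ed25519",
# string 32-byte key); not a real server key.
SAMPLE_BLOB = (struct.pack(">I", 11) + b"ssh-ed25519"
               + struct.pack(">I", 32) + bytes(range(32)))
KEYSCAN_LINE = "example.invalid ssh-ed25519 " + base64.b64encode(SAMPLE_BLOB).decode()
# The record an operator would publish ("ssh-keygen -r host" prints this shape).
SAMPLE_ALGO, SAMPLE_FPTYPE, SAMPLE_FP = sshfp_rdata("ssh-ed25519", KEYSCAN_LINE.split()[2])
SSHFP_RECORDS = [f"example.invalid. IN SSHFP {SAMPLE_ALGO} {SAMPLE_FPTYPE} {SAMPLE_FP}"]

if __name__ == "__main__":
    print(SSHFP_RECORDS[0])
    print("match:", verify_host_key(KEYSCAN_LINE, SSHFP_RECORDS))
```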



Couldn't you just use DANE/TLSA at that point?



