It is considered a good practice to verify SSH fingerprint of the remote server when connecting to it for the first time.

Especially for the phacilty/phabricator case, if we skip the verification step, it is possible to leak the content of private repositories (An attacker can MITM the traffic of git push ssh://user@vault.phacility.com).

So, can you give the host key fingerprint of vault.phacility.com?

FYI, Github publishes the host key fingerprint here:

https://help.github.com/articles/github-s-ssh-key-fingerprints/

Gitlab also publishes their fingerprint:

https://about.gitlab.com/gitlab-com/settings/#ssh-host-keys-fingerprints