@lupine No, the property hold even if you were to skip the knock step: in the key exchange step, the client presents an asymmetric key (the long-term client key). The server has pre-existing knowledge of all valid long-term client keys and will not accept ones it does not already know about.

The server is the one who has the prerogative to "be sloppy" at that step, but that's also where the auth happens.

It's authorized_keys and known_hosts at the same time.