Deveo should show their server's SSH key fingerprint(s) for verification
When a SSH communication key arrangement is first made, the communication program asks if you want to trust the server's key with a fingerprint that is shown on screen. Usually the user doesn't have the information, so they just accept it, risking a man-in-the-middle attack.
If Deveo's protected web site showed fingerprints of the keys they use for SSH communications on their servers, users could really verify the correctness of the connection.
... And then the user guide page that people follow when setting up the SSH keys should contain a pointer to the page with the SSH key fingerprints.