diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml
index cfa9cce..6a01eaa 100644
--- a/.gitea/workflows/deploy.yml
+++ b/.gitea/workflows/deploy.yml
@@ -17,8 +17,11 @@ jobs:
 - name: Trigger tutorials redeploy over SSH
 env:
 DEPLOY_KEY: ${{ secrets.TUTORIALS_DEPLOY_KEY }}
- DEPLOY_HOST: REDACTED
+ # Host address kept out of this public repo — set as an Actions secret.
+ DEPLOY_HOST: ${{ secrets.TUTORIALS_DEPLOY_HOST }}
 DEPLOY_USER: deploy
+ # Pinned host public key (a known_hosts line), also via secret.
+ KNOWN_HOSTS: ${{ secrets.TUTORIALS_KNOWN_HOSTS }}
 run: |
 set -eu
 # Ensure an SSH client is available on the runner image.
@@ -28,9 +31,14 @@ jobs:
 install -d -m 700 ~/.ssh
 printf '%s\n' "$DEPLOY_KEY" > ~/.ssh/deploy_key
 chmod 600 ~/.ssh/deploy_key
- # Forced command runs regardless of the remote command; we send a
- # harmless placeholder. accept-new pins the host key on first use.
- ssh -o StrictHostKeyChecking=accept-new \
+ # Pin the target's host key (supplied via secret) instead of trusting
+ # it on first connect — closes the first-connection MITM window that
+ # StrictHostKeyChecking=accept-new (trust-on-first-use) leaves open.
+ printf '%s\n' "$KNOWN_HOSTS" > ~/.ssh/known_hosts
+ chmod 600 ~/.ssh/known_hosts
+ # Forced command runs regardless of the remote command; harmless placeholder.
+ ssh -o StrictHostKeyChecking=yes \
+ -o UserKnownHostsFile="$HOME/.ssh/known_hosts" \
 -o BatchMode=yes \
 -i ~/.ssh/deploy_key \
 "${DEPLOY_USER}@${DEPLOY_HOST}" deploy
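Review bot: The comment on the new `KNOWN_HOSTS` env entry should state the format the secret must take and where the value must come from, because a wrong entry now fails closed with only a generic "Host key verification failed". The host field of the line has to match `DEPLOY_HOST` as written (hostname vs. IP, `[host]:port` when the port is not 22; a hashed `|1|…` entry also works), and the key should be copied out-of-band from the server's `/etc/ssh/ssh_host_*_key.pub` rather than produced by `ssh-keyscan` against the live host, which would just move the trust-on-first-use step this change is removing into the secret's creation. Suggested replacement: `# Pinned host key: one known_hosts line whose host field equals DEPLOY_HOST exactly ([host]:port if non-22); take it from the server's ssh_host_*_key.pub, not ssh-keyscan.`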
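Review bot: `set -eu` does not catch an empty `KNOWN_HOSTS` or `DEPLOY_HOST`, and an unset Actions secret typically expands to an empty string, so the new `printf '%s\n' "$KNOWN_HOSTS" > ~/.ssh/known_hosts` line silently writes an empty file and the `ssh` call then fails with a bare "Host key verification failed" (fail-closed, so not a security regression, but hard to diagnose). Guard both before the write: `: "${DEPLOY_HOST:?TUTORIALS_DEPLOY_HOST secret is empty}"` and `: "${KNOWN_HOSTS:?TUTORIALS_KNOWN_HOSTS secret is empty}"`. Also, `UserKnownHostsFile` only replaces the user files; OpenSSH still consults `GlobalKnownHostsFile` (`/etc/ssh/ssh_known_hosts` by default), so if the intent is that the secret is the sole source of trust, add `-o GlobalKnownHostsFile=/dev/null` next to it, and `-o IdentitiesOnly=yes` so a runner-side agent cannot substitute a different key for `-i`. The `ssh` invocation looks like the end of the `run:` block, but the step may continue past the hunk.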