It’s from SSH server and it’s captured and remembered so that any attempt to put something else at the network address of the server will be noticed. Addresses by themselves are simple to change/intercept.
It’s as automatic as it was the first time, however I haven’t found any automatic ways, without admin help.
If you used the Test connection button on the Destination screen, you would get a blue popup that says
Trust host certificate?
No certificate was specified previously, please verify with the server administrator that the key is correct: ssh-rsa 3072 F3:B4:C6:F5:31:00:27:88:0B:89:73:31:9B:54:34:BA Do you want to approve the reported host key?
If you just went for a backup without testing, you get different more manual (not sure why) guidance saying
Error while running test_1
Please add --ssh-fingerprint=“ssh-rsa 3072 f3:b4:c6:f5:31:00:27:88:0b:89:73:31:9b:54:34:ba” to trust this host. Optionally you can use --ssh-accept-any-fingerprints (NOT SECURE) for testing!
Either way, the remembering of the server fingerprint for SFTP (SSH) is in the destination Advanced option
--ssh-fingerprintThe server fingerprint used for validation of server identity. Format is eg.ssh-rsa 4096 11:22:33:44:55:66:77:88:99:00:11:22:33:44:55:66.
Where is the SSH Server Fingerprint generated/stored? says how Ubuntu makes and stores a fingerprint.
Note that this is for you to be able to know that you can still trust the server, not to get server to trust you…