So-Called Friendly Man-in-the-Middle Attacks

Lately, there have been vendors who believe it is acceptable to break into encrypted and private communications, just because the packets partially traverse a given network.  This isn't just wrong, it's dangerous.

Few would argue that a hotel has the right to break into your communications, breaking the encryption via a Man in the Middle attack, while you use the hotel wireless to connect back to your corporate server.  But some companies do precisely that, thinking they are justified in intercepting traffic that traverses their network but is not destined for it, and breaking the encryption.  We aren't just talking about breaking inbound SSL for the purpose of sending the traffic through the IDS/IPS.  That traffic is destined for you; you are already going to decrypt it, you are just decrypting it earlier so you can ensure you are not harmed by it.  The problem is breaking outbound SSH traffic: falsifying the host key and thus having full access to the entire session, including any passwords.

That behavior is nothing but cracking.  It isn't ethical, and those who engage in that behavior should be removed from their jobs.  Security requires an extremely high degree of ethics, and there is no room for those who engage in unethical behavior.  It's long past time for ethics to come back to computer security work.
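As an added illustration (not part of the original post): a falsified SSH host key is detectable when the client pinned the real key over a trusted path beforehand. This Python example checks an offered key against known_hosts-format text, including hashed host entries; the hostnames, salt and keys are constructed sample values, and treating a changed key type as a mismatch is this example's own policy.

```python
import base64, hashlib, hmac, struct

def b64(data: bytes) -> str:
    return base64.b64encode(data).decode()

def ed25519_blob(pub32: bytes) -> bytes:
    """SSH wire encoding of an ssh-ed25519 public key: two length-prefixed strings."""
    name = b"ssh-ed25519"
    return struct.pack(">I", len(name)) + name + struct.pack(">I", len(pub32)) + pub32

def fingerprint(blob: bytes) -> str:
    """SHA256 fingerprint in the unpadded-base64 form OpenSSH displays."""
    return "SHA256:" + b64(hashlib.sha256(blob).digest()).rstrip("=")

def host_matches(field: str, host: str) -> bool:
    """Match a known_hosts host field, plain or hashed (|1|salt|HMAC-SHA1)."""
    if field.startswith("|1|"):
        _, _, salt_b64, mac_b64 = field.split("|")
        salt = base64.b64decode(salt_b64)
        mac = hmac.new(salt, host.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(mac, base64.b64decode(mac_b64))
    return host in field.split(",")  # wildcard/negated patterns not handled here

def check_host_key(known_hosts: str, host: str, keytype: str, offered: bytes) -> str:
    """Return 'ok', 'unknown' (host never pinned) or 'MISMATCH' (pinned, key differs)."""
    pinned = False
    for line in known_hosts.splitlines():
        parts = line.split()
        if len(parts) < 3 or parts[0][0] in "#@":  # skip comments and @marker lines
            continue
        if host_matches(parts[0], host):
            pinned = True
            if parts[1] == keytype and hmac.compare_digest(base64.b64decode(parts[2]), offered):
                return "ok"
    return "MISMATCH" if pinned else "unknown"

# Constructed sample data: these keys and hosts do not belong to any real system.
REAL = ed25519_blob(bytes(range(32)))        # key pinned over a trusted path
FAKE = ed25519_blob(bytes(range(32, 64)))    # key an interception device presents
SALT = b"constructed-salt-20b"
HASHED = "|1|%s|%s" % (b64(SALT), b64(hmac.new(SALT, b"bastion.corp.example", hashlib.sha1).digest()))
KNOWN_HOSTS = "\n".join([
    "# pinned before travelling",
    f"{HASHED} ssh-ed25519 {b64(REAL)}",
    f"git.corp.example ssh-ed25519 {b64(REAL)}",
])

if __name__ == "__main__":
    for key in (REAL, FAKE):
        print(fingerprint(key), check_host_key(KNOWN_HOSTS, "bastion.corp.example", "ssh-ed25519", key))
```

A `MISMATCH` result is the point at which the session should be abandoned before any password is typed.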