Where does Putty get the server host public key?
it's not clear to me what role the private key /etc/ssh/ssh_host_${type}_key plays in the connection. it's not clear how having the server send me a public key helps when an attacker could just check what public key is being sent from the server being attacked, get in the middle and just spoof that exact same public key
To be clear, the server isn't actually re-sending your public key back to you. The server has its own completely separate key that it's sending to you – the "host key". Both the public and private parts of the host key are stored in /etc/ssh.
The server doesn't just send the public key; it also sends a signature made using the corresponding private key, which the client can use as proof. (The data being signed is unique for each connection.) An attacker could send the same public key but couldn't produce a signature.
This is also how certificates work in SSL/TLS (HTTPS and such).
Your own authentication key is also verified by the server in the same way – i.e. PuTTY doesn't only send your public key alone, but uses your private key to sign the message, so that someone else couldn't log in as you just by looking at your authorized_keys file.