@surma I’m not sure about the encryption strength itself, but there are certainly other best practices you can use to mitigate the risk of private key disclosure, such as using unique keys for every user on every machine, and scoping a given key’s privileges via the authorized_keys file: https://superuser.com/a/261394
Information Systems Engineer • He / Him • Learning to Work Smart, not Hard • Forming Good Habits, One Automation at a Time