Comment Re:SSH keys are a security nightmare (Score 1) 40
A password protected key depends on trusting a host that has already been compromised in this situation.
You can set up ssh to require BOTH a key and a system password. That is the most secure way of dealing with ssh keys. You can even add in another 2 factor thing if you need that too. Just remember that most common 2 factor systems are just another password with some math thrown in.