Re:Single point of failure? (Score 1)

Almost. Not only does someone need to get the passphrase protecting the key, he/she needs to get the key itself. The passphrase is useless without the actual key. If you wanted to be paranoid, you could keep your private key on an unmounted medium, and mount it only when you wanted to use it. Not to say that this couldn't be done, but it makes things more interesting for the attacker.