@mttaggart Oh, it's less about me accidentally using it to log in. But you're correct: as my GPG key, the SSH key should have a proper passphrase set – so even if someone "finds" the private key, it would be useless to them 🤷‍♂️ Guess I've let myself be carried-away a little by that article. But Brian has a point there: not being configured for auth makes it not usable for auth. Well, the term "military grade" was "signaled" out recently I've heard 🙊 💨