[Too]

Yeah. This removes one factor in 2FA by deriving something you have by something you know.

Almost equivalent to going back to username+password and use your favorite git hash as your password.

If you are truly paranoid about loosing your ssh key, get a hardware yubikey instead.