by icedrift 167 days ago
There's nothing dangerous about SSHing into an untrusted server unless you're using the same keys for everything.
1 comments

Remote resources only get your public key. It’s meant to be shared! Hence the word “public.”

The threat is having a private key stolen, in which case, having multiple keys can mitigate the amount of damage a threat actor can do. However, to steal your private key would involve a successful attack against your client, not against any server you might have given the public key to.

There is also the threat of the server sending a data sequence that exploits a vulnerability in your terminal. It has happened before, but it’s rare.
Always encrypt your SSH private key! It shouldn’t be so easily stolen.