[tsimionescu]

This resists scenarios where the machine you are running SSH from is compromised, and has a keylogger or something similar installed. SSH can't protect you from a local attacker (in fact, the SSH client binary itself could be the compromised part).

[__david__]

Yes, but if the server you’re logging into only accepts keys then leaking its password isn’t nearly as bad. Though I guess if your local ssh client is compromised then your local private keys are also compromised so you’d be screwed anyway (unless you are using a yubikey type of thing—I should get me one of those).

[Wowfunhappy]

If I own both machines this doesn't seem entirely reasonable. (Of course a machine I own could be compromised but again, then I have other problems.)