This:
Backdoored Python Library Caught Stealing SSH Credentials
https://search.app.goo.gl/Sg2J7
If you have an SSH private key that is NOT password protected (i.e. a second factor) then your ssh logins can be completely stolen via this malware.
But even if you do protect your private key, maybe you should also look at two-factor ssh login using Google authenticator, which makes a private key just a small part of the authentication process.
The EXPLOINSIGHTS, Inc. System Administrator's journey to establish and operate a Centralised Office IT Infrastructure