Sometimes I find resources that are truly out there working to the benefit of the online community. Wordfence is one of them. Wordfence Blog, 10/27/17 addressing a marked rise in attacks on SSH keys:
Running a secure WordPress website requires a layered approach to security. On this blog we regularly discuss the various approaches you can use to keep your site and your customers secure. Understanding how to securely sign in and how to protect your credentials is one of the important components in a layered approach to securing your website. If you use SSH or SFTP to manage your site with SSH keys, protecting your private key is critically important to staying secure.