Larvata

ED25519 is more vulnerable to quantum computation than is RSA

best practice to be using a hardware token

to use a yubikey via gpg: with this method you use your gpg subkey as an ssh key

sit down and spend an hour thinking about your backup and recovery strategy first

allows you to revoke a single credential if you lose (control over) that device

If a private key ever turns up on the wrong machine, you *know* the key and both source and destination machines have been compromised.

centralized management of authentication/authorization

I have setup a VPS, disabled passwords, and setup a key with a passphrase to gain access. At this point my greatest worry is losing this private key, as that means I can't access the server.What is a reasonable way to backup my private key?

a mountable disk image that's encrypted

a system that can update/rotate your keys across all of your servers on the fly in case one is compromised or assumed to be compromised.

different keys for different purposes per client device

fall back to password plus OTP

relying completely on the security of your disk, against either physical or cyber.

It is better to use a different passphrase for each key but it is also less convenient unless you're using a password manager (personally, I'm using KeePass)

- RSA is pretty standard, and generally speaking is fairly secure for key lengths >=2048. RSA-2048 is the default for ssh-keygen, and is compatible with just about everything.

public-key authentication has somewhat unexpected side effect of preventing MITM per this security consulting firm

Disable passwords and only allow keys even for root with PermitRootLogin without-password

You should definitely use a different passphrase for keys stored on separate computers,