Bleeping Computer

Researchers extract RSA keys from SSH server signing errors

A team of academic researchers from universities in California and Massachusetts demonstrated that it’s possible under certain conditions for passive network attackers to retrieve secret RSA keys from ...
Ars Technica

Problems setting up SSH RSA authentication

You need to either a) turn off password authentication on the host in sshd_config (recommended), or b) man ssh to find the option (I think it's -o ...