If you can run arbitrary code as me you can probably extract ssh private keys from the memory of the ssh agent process. If you want extra security then it would be possible to implement a scheme involving a SMS message which contains information required to log in.
Where I live receiving a mobile call or text message is free.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds