How often should I rotate my ssh keys?

Avery Pennarun's blog post discusses the importance of regularly rotating SSH keys to prevent credential theft, a practice that remains crucial despite the perceived security of SSH public-key authentication. While SSH keys were a significant advancement over passwords when introduced, they are not foolproof and can be compromised if stolen. The text recounts an incident where a former employee misused stolen SSH keys to access and destroy company servers, highlighting the vulnerability of static keys. Pennarun suggests that key rotation, despite being tedious and error-prone, is essential for protection against such threats. The post also explores more robust alternatives, such as using hardware tokens or setting up an SSH jumphost, which can provide additional security layers but come with their own challenges. The author advocates for a system where each device-person combination uses a separate private key, allowing for frequent and reliable key rotation, which helps detect and respond to breaches effectively.