Malicious OpenSSH servers can silently steal people's private SSH keys as they try to login, it emerged today. There is going to be a lot of bad people knocking on your (SSH) doors. Maybe best to block port 22 on your firewall for a while?