
>True, but what if you connect to that system while it's compromised and under attacker's control?

I don't follow you on this one. Could you expand a little bit?

>What if you want to separate your identities?

Sure, you can do this to preserve some privacy if you think the services might collude. But my point is that multiple keys don't make you more secure. (It's not like symmetric encryption where you should be using different passwords for everything.)

>What if you want to limit your responsibility and be able to just permanently delete the key after you finish working with some system thereby completely revoking your access to it?

This is a fair point, although having continued access is only a problem if an adversary gains control of the machine containing your private key (and in that case it's usually game over anyway). It's the job of the sysadmin of the other server to revoke authorized_keys as needed.

>What if you want to store passwords to some keys in your system keyring but enter the pass every time for others?

Again, a fair point, but this is only a risk if a bad guy has control of your machine. In general I'm referring to the misconception many people have that using multiple keys protects them if an external service is compromised. While this is true for passwords, for asymmetric crypto, revealing a public key is not really a problem.



