Improve private key storage (PKCS8)

[dolmen]

Store/convert the private key to PKCS#8 storage:

http://martin.kleppmann.com/2013/05/24/improving-security-of-ssh-private-keys.html

[dolmen]

Looking at the comments of the post, there may be an issue with ssh-agent not being able to decode PKCS 8 private keys. Needs testing.

[dolmen]

Must test that PKCS 8 private keys work with various SSH agents: ssh-agent (from OpenSSH), gnome-keyring, kwallet.

[dolmen]

Apparently this is not supported on OpenSSH on MacOX X 10.9. Needs confirmation.

[dolmen]

Related: http://latacora.micro.blog/2018/08/03/the-default-openssh.html