Fix minor error
U. Windl

The encryption of your secret key is only one component of the private key's security; the other component is that only you possess it. Sending the private key (even if encrypted) over a public channel allows an eavesdropper to get the (encrypted) key file. Then a brute-force attack on the passphrase could be started and your private key could possibly be disclosed.

I read that a random German sentence of 80 characters (corresponding to approximately 20 random characters) would be strong enough to protect a 1024 bit RSA key. My guess is that the average user's passphrase is much weaker than that, so keep your secret key away from public if possible.