Comment by jeroenhd

5 months ago

Yes, that's the point, indeed. One key per device, impossible to extract, so you need to break into the device to use the key.

If you want to maintain backup access, you can use an SSH CA to sign your public SSH keys, then keep the private keys on your device. If you keep the CA keys safe (i.e. physically safe on a flash drive), this means you can even add new keys after you lose all your devices.

This way, you only need to trust your one CA on your servers (so you don't need to copy 20 public keys around for every server).

Plus, if you're setting up a (separate) SSH CA, you can also sign servers' host keys, so you don't need to rely on TOFU to prevent MITM attacks, if that's something you care about.
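The workflow the comment describes, as an added example that is not part of the original comment: a user CA and a separate host CA created with `ssh-keygen`, a per-device user key signed with a principal and validity window, a host key signed so clients can replace TOFU with one `@cert-authority` line. Everything runs in a temporary directory; the hostnames, key IDs and the `alice` principal are constructed for the example.

```bash
#!/bin/sh
# Added example (not from the comment above): minimal SSH CA workflow using only
# ssh-keygen. Runs in a scratch directory; no real server is touched.
set -eu
WORK=$(mktemp -d)
cd "$WORK"

# 1. Two CA keys. The comment's advice: keep these offline (e.g. on a flash
#    drive), and use a separate CA for user keys and for host keys.
ssh-keygen -q -t ed25519 -N '' -C 'user-ca' -f user_ca
ssh-keygen -q -t ed25519 -N '' -C 'host-ca' -f host_ca

# 2. A per-device user key; in real use the private half never leaves the device.
ssh-keygen -q -t ed25519 -N '' -C 'alice@laptop' -f laptop_key

# 3. Sign the device's public key: key ID, allowed login principals, validity
#    window (5 minutes of clock skew back, 52 weeks forward) -> laptop_key-cert.pub
sign_user_key() { ssh-keygen -q -s user_ca -I "$1" -n "$2" -V -5m:+52w "$3"; }
sign_user_key alice-laptop alice laptop_key.pub

# 4. Sign a server's host key with the host CA (-h marks a host certificate,
#    -n lists the hostnames the certificate is valid for).
ssh-keygen -q -t ed25519 -N '' -C 'server1' -f ssh_host_ed25519_key
sign_host_key() { ssh-keygen -q -s host_ca -I "$1" -h -n "$2" -V -5m:+52w "$3"; }
sign_host_key server1 server1.example.com ssh_host_ed25519_key.pub

# 5. Server side: trust the one user CA instead of copying 20 public keys around,
#    and present the signed host certificate. Lines for sshd_config:
#      TrustedUserCAKeys /etc/ssh/user_ca.pub
#      HostCertificate   /etc/ssh/ssh_host_ed25519_key-cert.pub
# 6. Client side: one @cert-authority line in known_hosts covers every host the
#    host CA has signed, so no trust-on-first-use prompt is needed.
printf '@cert-authority *.example.com %s\n' "$(cat host_ca.pub)" > known_hosts

# Inspection helpers (also what an operator checks before deploying a cert).
cert_principals() {
  ssh-keygen -L -f "$1" | sed -n '/Principals:/,/Critical Options:/p' | sed '1d;$d' | tr -d ' '
}
ca_fingerprint() { ssh-keygen -lf "$1" | awk '{print $2}'; }
signing_ca_fingerprint() { ssh-keygen -L -f "$1" | awk '/Signing CA:/ {print $4}'; }

echo "user cert principals:   $(cert_principals laptop_key-cert.pub)"
echo "user cert signed by CA: $(signing_ca_fingerprint laptop_key-cert.pub)"
echo "user CA fingerprint:    $(ca_fingerprint user_ca.pub)"
ssh-keygen -L -f ssh_host_ed25519_key-cert.pub | grep 'Type:'
```

Run it as a script with `ssh-keygen` installed; the last lines show that the user certificate carries the `alice` principal and was signed by the user CA, and that the host certificate is typed as a host certificate.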