If you've ever used SSH keys to manage multiple machines, then chances are you've used SSH-agent. This tool is designed to keep a SSH key in memory so that the user doesn't have to type their passphrase in every time. However, this can create some security risk. A user running as root may have the ability to pull the decrypted SSH key from memory and reconstruct it.
more here............https://www.netspi.com/blog/entryid/235/stealing-unencrypted-ssh-agent-keys-from-memory
more here............https://www.netspi.com/blog/entryid/235/stealing-unencrypted-ssh-agent-keys-from-memory