My OpenSSL-based daemons are back up !
These commands should provide quite a good security level for a while (at least again non super-power governmental organizations) :
$ ssh-keygen -t rsa -b 4096 # openssl genrsa -aes256 -out secret.key 4096
I am the only person to use the server, so I don’t have any scallability issue. :)
Just to enforce the ssh configuration, I added these two line in sshd_config :
Protocol 2 HostKeyAlgorithms ssh-rsa