It is possible to use gdb to dump the memory of a running SSH-agent and then use that memory to reconstruct a SSH key. This provides the attacker with a way of getting access to a SSH key without knowing the key’s passphrase.