Bug 2788 - ssh(1) man page should note id_rsa encryption now uses AES, not 3DES
Status: CLOSED FIXED
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: Documentation
Version: 7.6p1
Hardware: Other Linux
Importance: P5 minor
Assignee: Assigned to nobody
URL: https://bugs.debian.org/614818
Keywords:
Depends on:
Blocks: V_7_7
Reported: 2017-10-04 23:00 AEDT by Colin Watson
Modified: 2018-04-06 12:26 AEST

Description Colin Watson 2017-10-04 23:00:16 AEDT
In https://bugs.debian.org/614818, Calum Mackay reported the following, and I've checked that this is still the case in 7.6p1:


In the FILES section of ssh(1), it says:

     ~/.ssh/id_rsa
             Contains the private key for authentication.  These files contain
             sensitive data and should be readable by the user but not acces‐
             sible by others (read/write/execute).  ssh will simply ignore a
             private key file if it is accessible by others.  It is possible
             to specify a passphrase when generating the key which will be
             used to encrypt the sensitive part of this file using 3DES.

However, in a recent release, ssh-keygen has switched to using AES, not
3DES, to encrypt the private key. This is noted in the ssh-keygen(1) page,
in this same pkg:

     ~/.ssh/id_rsa
             Contains the protocol version 2 DSA, ECDSA or RSA authentication
             identity of the user.  This file should not be readable by anyone
             but the user.  It is possible to specify a passphrase when gener‐
             ating the key; that passphrase will be used to encrypt the pri‐
             vate part of this file using 128-bit AES.  [...]


This section should probably be the same across both man pages.
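
Added example (not part of the bug report and not OpenSSH code): a way to check which cipher actually protects a given private key file, rather than relying on either man page. It assumes the key is either a traditional PEM file carrying a `DEK-Info` header or an `openssh-key-v1` container; the function names are hypothetical and both sample keys are constructed, with placeholder bodies.

```python
import base64
import re
import struct

MAGIC = b"openssh-key-v1\x00"  # magic at the start of the new-format blob

# Constructed samples: headers are realistic, bodies are placeholders.
SAMPLE_3DES = """-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,0011223344556677

Q09OU1RSVUNURUQ=
-----END RSA PRIVATE KEY-----
"""
SAMPLE_AES = SAMPLE_3DES.replace(
    "DES-EDE3-CBC,0011223344556677",
    "AES-128-CBC,00112233445566778899AABBCCDDEEFF")


def key_cipher(pem_text):
    """Return the cipher named in a private key file, or 'none'."""
    lines = [l.strip() for l in pem_text.strip().splitlines()]
    if not lines or not lines[0].startswith("-----BEGIN "):
        raise ValueError("not a PEM private key")
    if lines[0] == "-----BEGIN OPENSSH PRIVATE KEY-----":
        # New format: the cipher name is the first length-prefixed string
        # after the magic inside the base64 body.
        blob = base64.b64decode("".join(lines[1:-1]))
        if not blob.startswith(MAGIC):
            raise ValueError("bad openssh-key-v1 magic")
        (n,) = struct.unpack_from(">I", blob, len(MAGIC))
        start = len(MAGIC) + 4
        return blob[start:start + n].decode("ascii")
    # Traditional PEM: RFC 1421-style headers precede the base64 body.
    for line in lines[1:]:
        m = re.match(r"DEK-Info:\s*([A-Za-z0-9-]+),([0-9A-Fa-f]+)$", line)
        if m:
            return m.group(1).upper()
        if ":" not in line:
            break  # blank line or base64 body: headers are over
    return "none"  # no DEK-Info header: key is stored unencrypted


def uses_3des(cipher):
    """True if the reported cipher is triple DES in either naming style."""
    return cipher.upper() in {"DES-EDE3-CBC", "3DES-CBC"}
```
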
Comment 1 Damien Miller 2017-11-03 13:28:37 AEDT
Thanks, I've a fix
Comment 2 Damien Miller 2018-04-06 12:26:32 AEST
Close all resolved bugs after release of OpenSSH 7.7.