SSH – If Eve has the passphrase and public key, can she derive the private key?

SSH – If Eve has the passphrase and public key, can she derive the private key?

I have used ssh-keygen for creating an RSA 4096-bit SSH private and public key pair. I used a passphrase for the private key.

If an attacker, Eve, knows the passphrase in addition to the public key:

1. Can they derive the private key? - I presume yes with enough time.
2. If they can derive the private key, what algorithms can they use to do this? - I don't know.
3. What is the number (or order) of operations needed for each algorithm to derive the private key?

Update - it seems that with using "yafu" on one computer (http://iamnirosh.blogspot.co.uk/2015/02/factoring-rsa-keys.html) that the brute force cracking process / factoring takes significantly less time.

• Would be interesting to see how much difference yafu makes on a distributed environment and on supercomputers.