I'm not a specialist in cryptography, but I think I can make a few comments.
Normally we have public key that is a product of 2 primes and private key that are primes-1. And the security is dependent on difficulty of factoring the public key. In case of ssh the public key sits on the ssh server while private key is on client.
I don't think that last sentence is true.
First you need to realize that
RSA (the algorithm behind public key encryption) can be used for 2 things:
1) authentication. you prove to the other side that you are who you claim you are.
2) encryption. once the server believes that you are who you say you are, the rest of the conversation will be encrypted, so that no eaves-dropper can listen in.
I assume ssh uses both in its protocol.
You should also realize that not only you authenticate yourself to the server, the server also has to authenticate itself to you ! Usually this works very simple. When you log in for the first time, the ssh-client asks you if you really believe you are talking to the computer you are supposed to. If you answer yes, the ssh-client on your machine will accept the public-key of the server. And that public-key is from then on used when the server authenticates itself to you, when you log in in the future.
Also, I don't think private keys are exchanged. Public key encryption works with challenge/response.
https://en.wikipedia.org/wiki/Challenge–response_authentication
Some systems work like this: they use a public key encryption system to authenticate each other. Then they use the public key encryption to exchange a temporary password (=random long bitstring). This is caled the session key. Then from that point on, all the user data that is exchange is encrypted using a private-key-system (like AES) with that temporary session-key.
This is done because public-key systems (like RSA) are usually very cpu-intense. While private-key systems (like AES or DES) are much lighter on the CPU.
This begs the question: "if the public and private keys were exchanged securely, does the ssh tunnel security still dependent on the length of the key the same way as it does in usual public key cripto like ssl?" In case of ssh the "public key" isn't really public so how would attacker know the large pseudoprime that needs to be factored?
In RSA, public keys are really public. I think every time another ssh-client connects to a ssh-server, the ssh-server will give the client the public key. There really is no secrecy of the public key. That's why it is called public.
Maybe your question is: does the length of the temporary session-key have an impact on the security of the encrypted data that is exchanged, after the initialization of the session with RSA ?
I think it does. An eaves-dropper that sees only the encrypted data will have to do brute-force decryption with different keys, to try and guess the key and decrypt the data. The length of the session-key is a factor there.
Of course the strength of the session-key and the AES-encryption depends on the initial setup with the public-key system. If that initialization can be broken, then the attack will have the session-key. And he can then decrypt all user traffic.
Hope this helps.