No, this is a completely unnecessary piece of information that ssh is unnecessarily jamming into the pubkey. What possible use does including the hostname of the generating machine serve for public key authentication?
Today it's my hostname. Tomorrow ssh-keygen (with default arguments) could start including more sensitive information, like the IPv6 address of my machine that's open to the internet and its exact OS version, and leave me open to a lot of attacks. Hence, I'm not going to trust the default arguments for it.
First, this field is important. It's not used for authentication in any way,
as it's just an optional comment, ignored by sshd otherwise. It's not an
information for sshd, though: it's information for human user. Without this
comment you don't have an easy way to tell where the keys come from.
Second, if you don't trust ssh-keygen, why the heck do you use it in the first
place?
Why it would suddenly leak such information? User+host is put in the comment
field for dozen years already, if not longer (and has quite good
explaination why it is there). Where does this distrust of yours come from?
It's completely opaque to me.
Today it's my hostname. Tomorrow ssh-keygen (with default arguments) could start including more sensitive information, like the IPv6 address of my machine that's open to the internet and its exact OS version, and leave me open to a lot of attacks. Hence, I'm not going to trust the default arguments for it.