Almost certainly, provided you're running a recent-enough version.<p>A snooper at the line level would be able to see that you were SSH'ing to a given system and the amount of data transferred, but nothing more.<p>SSH has had very few vulnerabilities and has been really put through the ringer crypto-wise for quite some time. The protocol itself is likely quite solid. Of its common crypto algorithms, the only one I'd avoid is arcfour/RC4. It's an algorithm that's known to be somewhat weaker than other common algos. Blowfish, AES, CAST, Salsa20, Twofish, etc. are not known to have any practical real-world-usable attacks against full-round versions.<p>Keep in mind that in the crypto world a "break" is anything that shortens the time to recover the key from that of a brute force search. So if I find a shortcut to crack a 2^128 key size symmetric cipher in "only" 2^112 iterations, that's a break. But it's not useful in the real world. To be useful in the real world, a break has to shorten things down to... well... depends on the adversary but probably <2^64.<p>Of course you cannot rule out the possibility that the NSA has unpublished attacks against any of these, but most cryptographers I've read consider it somewhat unlikely that they have an unpublished attack good enough to <i>efficiently</i> crack them and read traffic in a real world scenario.
SSH is not safe if you ssh into a resource (directly or indirectly) controlled by NSA. The protocol as such is secure in the sense that for an 'adversary' with average compute power, it is impossible to 'break' the protocol.