Is the combination of X25519 ECDH and NTRU in OpenSSH 9.X secure against quantum attacks?

Can the combination of X25519 ECDH and NTRU in OpenSSH 9.X defend me against quantum attacks?

Actually, that version of OpenSSH uses NTRU Prime, rather than NTRU.

However, that does not change the answer: it is believed that the combination is resistant to attackers with Quantum Computers attempting a 'store-and-decrypt-later' attack.

Why is it believed that this combination is secure?

We believe it is secure because we believe that NTRU Prime is secure against a Quantum Adversary, and the secret keys that protect the traffic depend on the NTRU Prime shared secret. Without those secret keys, the attacker would need to attack the symmetric ciphers directly, which we believe is also too hard.

Now, I did put in weasel words about 'store-and-decrypt later' attacks; another possible attack (if the attacker has a Quantum Computer at the time of the exchange) is to break the authentication piece of SSH. I don't know if that is similarly protected (it might be; I don't know); if it is isn't, then this is also a potential avenue. Of course, this attack can only be used to attacks going forward, and previous sessions are unaffected.