step-ca
Kill Your SSH Keys: Production SSH Certificate Authentication with step-ca
Every infrastructure team I've worked with has the same dirty secret. There's a directory somewhere — usually on a shared drive, sometimes in a 1Password vault if the team is feeling responsible — that contains the SSH public keys of everyone who's ever needed access to