SSH certificates allow system administrators to SSH into machines without having to manage authorized keys in the servers. In summary, you create a key pair to be used as a Certificate Authority (CA), and add the public key of that key pair to the server: TrustedUserCAKeys /etc/ssh/my-root-ca.pub Then, usually, a system administrator or an automated system creates certificates for the users that need to access the servers. Those certificates are created with the CA’s private key, the user...
