I’m a single user and my authorized_keys is 25 lines. I have different yubikeys in laptops, keys on iPads and iPhones, and secure enclave keys on macs.
I imagine starlink has more than 1-2 sysadmins. I think a hundred pubkeys would be reasonable.
It seems wrong that each individual sysadmin human in Space X would need to (a) login to my device remotely, and (b) require individual credentials to do so.
Having some way to remotely push updates, and having some kinda of (preferably with your consent!) remote access might be reasonable, but I would expect that to be via some kind of intermediate gateway/app/something and not direct from a sysadmin’s individual account.
Certificates are great, but not strictly necessary until you need to distribute thousands of keys. maintaining an authorized_keys text file is much simpler than running a CA.
I can't imagine why that would be reasonable for an environment that demands a higher degree of security.
I imagine the most ideal situation would be 1) minimising the number keys, 2) use hardware backed authentication or certificate based authentication, 3) lock up the private keys somewhere safe.
The idea of 41 points of failure that can SSH into any starlink terminal is not appealing.
I imagine starlink has more than 1-2 sysadmins. I think a hundred pubkeys would be reasonable.