A better idea would be the terminal trusting one or two core certificate authorities and then those authorities creating time limited certificates when needed.
So the terminal accepts "sshauthority1"
Then the 41 remote sites contact sshauthority1 to get a 1 hour (10 minutes, 10 days, whatever) long certificate for "site18"
If a remote site is compromised sshauthority1 no longer issues certificates, and within an hour (10 minutes, 10 days, etc) the remote site can no longer reach the terminals.
Revoking a key from that many terminals (many of which will be offline) if one of the 41 keys is exposed is not trivial.
Now if sshauthority1 is compromised then you've got the same issue with rotation (although can CRL it), but it's easier to secure one or two authorities than 41 keys.
So the terminal accepts "sshauthority1"
Then the 41 remote sites contact sshauthority1 to get a 1 hour (10 minutes, 10 days, whatever) long certificate for "site18"
If a remote site is compromised sshauthority1 no longer issues certificates, and within an hour (10 minutes, 10 days, etc) the remote site can no longer reach the terminals.
Revoking a key from that many terminals (many of which will be offline) if one of the 41 keys is exposed is not trivial.
Now if sshauthority1 is compromised then you've got the same issue with rotation (although can CRL it), but it's easier to secure one or two authorities than 41 keys.