It works fine until you have dozens of servers, multiple engineers, short-term access needs, or any real security requirement. At that point, things start to get messy and a bit hard to trust.
I looked into tools like Teleport and Smallstep, but they felt too heavy for what I needed in terms of infrastructure, setup, and learning curve. So I built Sshifu.
The idea is simple: you run a small server that handles authentication (for example via a GitHub org), it issues short-lived SSH certificates, and users just run a CLI to get access automatically. No more manually managing `authorized_keys` across machines.
Quick disclaimer: this is very much a “vibe-coded” project (probably 99%). I built it to scratch my own itch, so it’s still early and a bit rough around the edges. That said, it works well for my use case so far.
Would love feedback, especially what’s missing for real-world usage, and what would stop you from using this.
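A check an operator could run over certificates issued by a setup like the one described above, to confirm they really are short-lived and scoped to named principals. This is an added example, not code from Sshifu or from the post's author; it decodes the standard OpenSSH ed25519 certificate layout only, does not verify the CA signature, and the 8-hour limit, function names and sample certificate are assumptions constructed for illustration.

```python
import base64, struct

MAX_LIFETIME = 8 * 3600          # assumed policy: certificates live at most 8 hours
FOREVER = 0xFFFFFFFFFFFFFFFF     # OpenSSH encoding of "never expires"
CERT_TYPE = b"ssh-ed25519-cert-v01@openssh.com"

def _pack(b):
    return struct.pack(">I", len(b)) + b

def _string(buf, off):
    (n,) = struct.unpack_from(">I", buf, off)
    return buf[off + 4:off + 4 + n], off + 4 + n

def parse_cert(line):
    """Decode the fields of one ed25519 *-cert.pub line (signature not verified)."""
    blob = base64.b64decode(line.split()[1])
    ktype, off = _string(blob, 0)
    if ktype != CERT_TYPE:
        raise ValueError("not an ed25519 OpenSSH certificate")
    for _ in range(2):                       # skip nonce and public key
        _, off = _string(blob, off)
    serial, ctype = struct.unpack_from(">QI", blob, off)
    key_id, off = _string(blob, off + 12)
    packed, off = _string(blob, off)         # principals: strings packed in a string
    principals, p = [], 0
    while p < len(packed):
        name, p = _string(packed, p)
        principals.append(name.decode())
    after, before = struct.unpack_from(">QQ", blob, off)
    return {"key_id": key_id.decode(), "principals": principals,
            "valid_after": after, "valid_before": before}

def violations(cert, max_lifetime=MAX_LIFETIME):
    """Return the policy problems found in a parsed certificate."""
    found = []
    if cert["valid_before"] == FOREVER:
        found.append("never expires")
    elif cert["valid_before"] - cert["valid_after"] > max_lifetime:
        found.append("lifetime exceeds policy")
    if not cert["principals"]:
        found.append("no principals listed")
    return found

def sample_cert(principals, after, before):
    """Constructed test input: dummy key and signature bytes, real field layout."""
    packed = b"".join(_pack(p.encode()) for p in principals)
    blob = (_pack(CERT_TYPE) + _pack(b"n" * 32) + _pack(b"k" * 32)
            + struct.pack(">QI", 1, 1) + _pack(b"alice@example") + _pack(packed)
            + struct.pack(">QQ", after, before)
            + _pack(b"") * 3 + _pack(b"ca") + _pack(b"sig"))
    return CERT_TYPE.decode() + " " + base64.b64encode(blob).decode() + " constructed"
```

For a one-off look at a single certificate, `ssh-keygen -L -f <file>` prints the same fields.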