I'm sure it's different for large megacorps, but if you have less than 100 devs then the single point of failure in your SSO scheme is a far bigger security and operational risk than having long-lived keys on some dev's laptop.
> the rest of your authentication
What is "the rest of your authentication" in this context? Corporate email? As far as I know, SSH is the only real authentication possible here.
> the rest of your authentication
What is "the rest of your authentication" in this context? Corporate email? As far as I know, SSH is the only real authentication possible here.