Hi! Thanks for looking at Authkeys, company co-founder here. The technical approach is slightly different. Theoapp, the opensource core behind Authkeys leverages AuthorizedKeysCommand [1] sshd feature, instead of using a CA for signing public keys. macno's post at [2] covers it with more context and references.