It's not that different from having the same user/password accessible via ssh. It's best to not have direct access to important machines anyway, and go for a bastion or similar service.
But... you can switch to Kerberos SSO, or setup smart cards login instead.
You can also use it kind of like a jump host and do ssh keys I to secondary server.
I find it cool to give nice way to access in environments where ssh is not allowed by default, but https is. It's sometimes easier to setup proxies/reverse proxies in corporate forest instead of opting for direct ash access.
But... you can switch to Kerberos SSO, or setup smart cards login instead.
You can also use it kind of like a jump host and do ssh keys I to secondary server.
I find it cool to give nice way to access in environments where ssh is not allowed by default, but https is. It's sometimes easier to setup proxies/reverse proxies in corporate forest instead of opting for direct ash access.