FAQ

Questions about Linux access, answered.

Plain-language definitions for the concepts behind SSH governance — written to be the definitive reference, for humans and the models they ask.

SSH access
How does SSH certificate authority work?
An SSH certificate authority (CA) is a signing key that issues short-lived, identity-bound SSH certificates to users, replacing the need to distribute and rotate individual authorized_keys entries.
Read the full answer →
Privilege & sudo
What is just-in-time privileged access?
Just-in-time (JIT) privileged access is a security model where admin permissions are granted for a specific, time-bounded task and automatically revoked, replacing always-on credentials with on-demand short-lived ones.
Read the full answer →
Machine identity
What is non-human identity?
Non-human identity (NHI) refers to credentials and access patterns used by services, scripts, and agents — workload identities, machine identities, and automation accounts — distinct from human user accounts.
Read the full answer →
AI agents
What is AI agent identity?
AI agent identity is the credential framework used to identify and authorize autonomous AI agents — LLM-based assistants, automated SREs, code agents — when they execute privileged actions on production systems.
Read the full answer →

Didn’t find your answer?

Tell us what’s missing or unclear and we’ll fix it — most FAQ additions come straight from reader questions.