Exactly, here in Florida they're right 50% of the time, which is why South America has it figured out. Nobody there cares if its right or wrong, but watching the weather wo-"man" is just very entertaining to watch.
OpenSSH can use host certificates to verify the host (like SSL certs on a webserver).
OpenSSH can also use user certificates to verify the user (like passwords or ssh keys).
Both these types of cert to be used independently of each other.
I've tested using user certificates to authorize user login, since that is what most
people do with keys. People never really verify the host identity.
It works great and it's actually very simple. This will be my new SOP going forward.
Before starting to add hosts and users you need to create a Certificate Authority (CA) - which is actually just a key pair. It's a one-liner.
Every time you create a new host, you just need to copy the same file to it - the public key of the CA. And change one line in sshd_config to allow ssh certificates.
Every time you have a new user on your team who need access to servers, you have to generate a certificate for him. It's a one liner. He will copy the certificate to his own machine. And the ssh client will automatically send the certificate when needed.
Generating certificates is the part that could be automated. You could for instance be given a certificate that expires in 5 minutes. That would allow you to login and stay logged in. But if you need to login again, you need to generate a new certificate.
Nothing is going to work better than buying or building networking gear and building and maintaining a network(s) of your own. Hands on, in an environment where you are free to break things, test things, try things that most businesses don't need, etc. Change things, do it again but in a different way or with different products.
Build a lab that you can brag about and talk to companies about all of the different things that you do.
Zoho Cliq is slightly confusing though because external users and guest users are completely different things.
External users are Zoho Cliq users belonging to another organization. So external to your organization. Anyone can sign up though. So if you invite an external user that doesn't have Zoho Cliq, he will receive an invitation to sign up.
Guest users are non-Zoho Cliq users (that haven't signed up for a Zoho account). If you invite a guest users, they will not receive an invitation to sign up, they will receive a login link so they can chat with you.