> I also don't want to trust certificate authorities for my SSH connections let alone CF. Would not be surprised if it/they were compromised.
OpenPubkey, or in general? Normal SSH CAs don't do PKI like browsers use, you make and trust your own CA(s). And if an attacker can compromise your CA private key, why can't they compromise your SSH private key directly?
That's about host keys, not user keys. And... I'm struggling to think of a threat model where that problem manifests in a compromise? Like, what's your threat model?
That said, CAs actually really help with that problem, because if a server has its host keys signed with a CA and then the user trusts that CA then they don't have to TOFU the host keys.
OpenPubkey, or in general? Normal SSH CAs don't do PKI like browsers use, you make and trust your own CA(s). And if an attacker can compromise your CA private key, why can't they compromise your SSH private key directly?