In the past I’ve used a certificate authority for ssh setup as one nice way to stop the proliferation of ssh keys. The other route is to use one hardware key fob with a gpg identity on it and use that as your global method of access.