Userify is available as on-premise too. (btw I strongly agree with you... we're offering 5 server enterprise license model and we're looking at an unlimited stripped-down free version.)
Also, you're probably running servers at a third party hypervisor already.. ;) they could be scanning your RAM and reading your disk and you'd never know.
Yeah, actually I'm not. All of my servers are either in our own cages in datacenters or housed in buildings that we own. We don't do AWS/DigitalOcean/etc. (Nice attempt at a jab, though.)
I certainly wasn't trying to shit on you (or your company/employer) personally... but to me the idea of turning over ultimate control of all my servers, data, etc., to some unknown third-party and simply trusting them is absolutely fucking absurd.
I pretty much agree with everything cyberpunk said in this thread. I've been around long enough that it shouldn't but some of the things people do with regard to security sometimes surprises me and just leaves me standing there with my mouth hanging open, saying "WTF?".
Are you really asking the difference between the CA bundle and some node+redis+python startup being able to drop authorized_keys across your datacenter?
The original conmment was about "unknown third parties". I'm not advocating handing over your ssh keys to anyone but if you did, at least this would be a third party you consciously chose to trust. The crap load of CA's you implicitly trust on the other hand... Do you even know the names of 10 out of about 200 of them embedded in your browser?
Also, you're probably running servers at a third party hypervisor already.. ;) they could be scanning your RAM and reading your disk and you'd never know.