> consider that long-lived SSH credentials are an anti-pattern
With due respect: have you considered the myriad systems where you need to upload your SSH key to an UI? If my key is short term then I need to do that all the time. I can't set up an SSH CA on github for example.
GitHub has APIs for automation (eg via Terraform). Granted not ever web-based service does, but if you were sufficiently determined to use SSH CA then I'm sure you'd find a way (or an alternative service that did support your workflow).
With due respect: have you considered the myriad systems where you need to upload your SSH key to an UI? If my key is short term then I need to do that all the time. I can't set up an SSH CA on github for example.