HIBA is a system built on top of regular OpenSSH certificate-based authentication that allows to manage flexible authorization of principals on pools of target hosts without the need to push customized authorized_users files periodically.
Why do you think that https://github.com/NoMoreFood/putty-cac is a good alternative to hiba