HIBA is a system built on top of regular OpenSSH certificate-based authentication that allows to manage flexible authorization of principals on pools of target hosts without the need to push customized authorized_users files periodically.
Why do you think that https://github.com/dracut-crypt-ssh/dracut-crypt-ssh is a good alternative to hiba