kerr, that was my post in the referenced thread.
I don’t use any Apple passkeys - which I assume to be an implementation of the ssh private and public key pair function.
With ssh keys you generate a pair (private and public keys) the machine with the private key can access any user data that holds the public key. The machine with the public key holds it in that user’s home folder in an authorised_keys file as a string of text in one line. - Could have several different public keys to allow access from multiple external users.
The config file for ssh access can be set up to completely disable password authentication access, - so no public key present matching a private key held by the accessing machine means no access is possible.
It is a one way relationship though, - the public key holding user account / machine cannot access the one with the private key. - Another key pair in the reverse direction is required for this functionality.
But user accounts on multiple machines or multiple user accounts on one machine all with the same public key can be accessed by the private key holder.
Clear as mud ? - It took me a while to get my head around it.