Add documentation for instance-level SSH certificates
What does this MR do and why?
Contributes to gitlab-shell#841 (closed)
Problem
The new trusted_user_ca_keys feature in gitlab-sshd
(gitlab-shell!1396 (merged))
lacks user-facing documentation. The existing gitlab_sshd.md
page also incorrectly states that gitlab-sshd does not
support SSH certificates.
Solution
Add a new standalone documentation page
gitlab_sshd_ssh_certificates.md covering configuration,
certificate issuance, multi-CA support, security
considerations, and troubleshooting. Update gitlab_sshd.md
to correct the outdated statement. Add cross-references from
ssh_certificates.md and group/ssh_certificates.md.
References
- Implementation MR: gitlab-shell!1396 (merged)
- Issue: gitlab-shell#841 (closed)
- Existing OpenSSH SSH certificates docs:
doc/administration/operations/ssh_certificates.md - Existing group-level SSH certificates docs:
doc/user/group/ssh_certificates.md - Existing gitlab-sshd docs:
doc/administration/operations/gitlab_sshd.md
Screenshots or screen recordings
Not applicable (documentation only).
How to set up and validate locally
MR acceptance checklist
Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.