## Problem to solve Two documentation pages cover SSH certificate authentication but don't reference each other, and neither provides context to help users understand which approach applies to their situation: - [Manage group SSH certificates](https://docs.gitlab.com/user/group/ssh_certificates/): Scoped to GitLab.com only, covers the group-level CA certificate feature. - [User lookup via OpenSSH's AuthorizedPrincipalsCommand](https://docs.gitlab.com/administration/operations/ssh_certificates/): Scoped to GitLab Self-Managed, covers SSH certificate auth via OpenSSH. A user on GitLab Self-Managed who lands on the group-level page has no onward path to the admin page, and vice versa. The admin page also lacks big-picture context and does not mention `gitlab-sshd`, which is required for the group-level feature to work on self-managed. This gap was surfaced in a customer-facing discussion about a GitLab Dedicated customer who encountered the **Enforce SSH certificates** group setting on a self-managed instance, despite the feature being documented as GitLab.com only. ## Further details The audience for both pages includes GitLab administrators and group owners who want to centralize SSH authentication using CA certificates. Currently, the relationship between the two approaches (and any prerequisites for each) is not documented. A related open question (being discussed separately) is whether to formally support the group-level SSH certificate feature on GitLab Self-Managed. Any decision there may require additional documentation updates beyond the scope of this issue. ## Proposal - Add cross-links between the two pages so users can navigate between them. - Add context to each page explaining when you would use that approach, and how it relates to the other. ## Other links/references - [Slack thread](https://gitlab.slack.com/archives/CK75EF2A2/p1771538690027409)