diff --git a/debian/control b/debian/control
index abd80d9440..2afcbe578a 100644
--- a/debian/control
+++ b/debian/control
@@ -135,7 +135,6 @@ Depends: ${shlibs:Depends}, ${misc:Depends},
  ruby-omniauth-kerberos (>= 0.3.0-3~),
  ruby-omniauth-oauth2-generic (>= 0.2.2~),
  ruby-omniauth-saml (>= 2.0~),
- ruby-omniauth-shibboleth (>= 1.3~),
  ruby-omniauth-twitter (>= 1.4~),
    ruby-omniauth-oauth (>= 1.2~),
  ruby-omniauth-authentiq (>= 0.3.3~),
diff --git a/debian/patches/Gemfile/0240-remove-omniauth-shibboleth.patch b/debian/patches/Gemfile/0240-remove-omniauth-shibboleth.patch
new file mode 100644
index 0000000000..5fe8e2a8c2
--- /dev/null
+++ b/debian/patches/Gemfile/0240-remove-omniauth-shibboleth.patch
@@ -0,0 +1,83 @@
+From 93d13533cdad1aa5e7b508f88b44fb9a758d06d5 Mon Sep 17 00:00:00 2001
+From: Imre Farkas <ifarkas@gitlab.com>
+Date: Mon, 23 Jan 2023 17:11:50 +0100
+Subject: [PATCH] Remove omniauth-shibboleth gem
+
+Integration with Shibboleth is recommended via omniauth-saml since
+GitLab 10.
+---
+ Gemfile                                          |   1 -
+ Gemfile.checksum                                 |   1 -
+ Gemfile.lock                                     |   3 ---
+ app/assets/images/auth_buttons/shibboleth_64.png | Bin 2993 -> 0 bytes
+ app/helpers/auth_helper.rb                       |   1 -
+ spec/lib/gitlab/omniauth_initializer_spec.rb     |   8 --------
+ 6 files changed, 14 deletions(-)
+ delete mode 100644 app/assets/images/auth_buttons/shibboleth_64.png
+
+--- a/Gemfile
++++ b/Gemfile
+@@ -72,7 +72,6 @@
+ gem 'omniauth-google-oauth2', '~> 1.1'
+ gem 'omniauth-oauth2-generic', '~> 0.2.2'
+ gem 'omniauth-saml', '~> 2.0'
+-gem 'omniauth-shibboleth', '~> 1.3'
+ gem 'omniauth-twitter', '~> 1.4'
+ gem 'omniauth_crowd', '~> 2.4.0', path: 'vendor/gems/omniauth_crowd' # See vendor/gems/omniauth_crowd/README.md
+ gem 'omniauth-authentiq', '~> 0.3.3'
+--- a/Gemfile.checksum
++++ b/Gemfile.checksum
+@@ -397,7 +397,6 @@
+ {"name":"omniauth-oauth2","version":"1.8.0","platform":"ruby","checksum":"b2f8e9559cc7e2d4efba57607691d6d2b634b879fc5b5b6ccfefa3da85089e78"},
+ {"name":"omniauth-oauth2-generic","version":"0.2.8","platform":"ruby","checksum":"ce6e8539019d5ebf2f48867072b9f248f148bb4cbe7166dee655865abfae7613"},
+ {"name":"omniauth-saml","version":"2.0.0","platform":"ruby","checksum":"02594fd6630de26a9e65a2e64223e9ad32324fa97a6c7f1f22a1553ea3dd44c7"},
+-{"name":"omniauth-shibboleth","version":"1.3.0","platform":"ruby","checksum":"b0bb725ced5cb76fbfc187ddbb8ad6864d0cd5df714cab36a528df8ee4b1d113"},
+ {"name":"omniauth-twitter","version":"1.4.0","platform":"ruby","checksum":"c5cc6c77cd767745ffa9ebbd5fbd694a3fa99d1d2d82a4d7def0bf3b6131b264"},
+ {"name":"open4","version":"1.3.4","platform":"ruby","checksum":"a1df037310624ecc1ea1d81264b11c83e96d0c3c1c6043108d37d396dcd0f4b1"},
+ {"name":"openid_connect","version":"1.3.0","platform":"ruby","checksum":"a796855096850cc01140e37ea6ae9fd14f2be818b9b5bc698418063dfe228770"},
+--- a/Gemfile.lock
++++ b/Gemfile.lock
+@@ -1015,8 +1015,6 @@
+     omniauth-saml (2.0.0)
+       omniauth (~> 2.0)
+       ruby-saml (~> 1.9)
+-    omniauth-shibboleth (1.3.0)
+-      omniauth (>= 1.0.0)
+     omniauth-twitter (1.4.0)
+       omniauth-oauth (~> 1.1)
+       rack
+@@ -1762,7 +1760,6 @@
+   omniauth-oauth2-generic (~> 0.2.2)
+   omniauth-salesforce (~> 1.0.5)!
+   omniauth-saml (~> 2.0.0)
+-  omniauth-shibboleth (~> 1.3.0)
+   omniauth-twitter (~> 1.4)
+   omniauth_crowd (~> 2.4.0)!
+   openssl (= 2.2.2)
+--- a/app/helpers/auth_helper.rb
++++ b/app/helpers/auth_helper.rb
+@@ -17,7 +17,6 @@
+     jwt
+     openid_connect
+     salesforce
+-    shibboleth
+     twitter
+   ).freeze
+   LDAP_PROVIDER = /\Aldap/.freeze
+--- a/spec/lib/gitlab/omniauth_initializer_spec.rb
++++ b/spec/lib/gitlab/omniauth_initializer_spec.rb
+@@ -216,14 +216,6 @@
+       expect { subject.execute([hash_config]) }.to raise_error(NameError)
+     end
+ 
+-    it 'configures fail_with_empty_uid for shibboleth' do
+-      shibboleth_config = { 'name' => 'shibboleth', 'args' => {} }
+-
+-      expect(devise_config).to receive(:omniauth).with(:shibboleth, fail_with_empty_uid: true)
+-
+-      subject.execute([shibboleth_config])
+-    end
+-
+     it 'configures remote_sign_out_handler proc for authentiq' do
+       authentiq_config = { 'name' => 'authentiq', 'args' => {} }
+ 
diff --git a/debian/patches/series b/debian/patches/series
index 9d189931b1..42f14e3296 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -14,6 +14,7 @@ Gemfile/0200-add-gitlab-dangerfiles.patch
 Gemfile/0210-comment-out-openssl.patch
 Gemfile/0220-relax-oj-in-ipynbdiff.patch
 Gemfile/0230-relax-omniauth-auth0.patch
+Gemfile/0240-remove-omniauth-shibboleth.patch
 nodejs/0010-set-webpack-root.patch
 nodejs/0020-remove-dev-dependencies.patch
 nodejs/0030-use-yarnpkg.patch