From 0fd025ee6fd19b9976e734d318ac6f6121f3788c Mon Sep 17 00:00:00 2001
From: "Glenn K. Lockwood" <glennklockwood@gmail.com>
Date: Sun, 26 Jul 2020 20:18:23 -0700
Subject: [PATCH] update docs

---
 README.md | 18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 9a4d7d2..fb6b2f2 100644
--- a/README.md
+++ b/README.md
@@ -63,11 +63,25 @@ to ensure that it does not lock you out of your Raspberry Pi.
 
 This playbook can install ssh host keys.  To do so,
 
-1. drop the appropriate `ssh_host_*_key` files into `roles/common/files/etc/ssh/`
-2. rename each file from `ssh_host_*_key` to `ssh_host_*_key.hostname` where
+1. Drop the appropriate `ssh_host_*_key` files into `roles/common/files/etc/ssh/`
+2. Rename each file from `ssh_host_*_key` to `ssh_host_*_key.hostname` where
    `hostname` matches the `hostname` in `roles/common/vars/main.yml` to which
    the hostkey should be deployed
 3. `ansible-vault encrypt roles/common/files/etc/ssh/ssh_host_*_key.*`
+4. Add these files to `roles/common/vars/main.yml`
+
+The format expected in `roles/common/vars/main.yml` is something like
+
+    ---
+    macaddrs:
+        dc:a6:32:8c:8a:53:
+            hostname: "cloverdale"
+            # ...
+            ssh_host_key_files:
+              - etc/ssh/ssh_host_rsa_key.cloverdale
+              - etc/ssh/ssh_host_dsa_key.cloverdale
+              - etc/ssh/ssh_host_ecdsa_key.cloverdale
+              - etc/ssh/ssh_host_ed25519_key.cloverdale
 
 ## Acknowledgment