Add warning about private keys

QueraTeam · Aug 11, 2024 · cb6af6a · cb6af6a
1 parent 4ee6dd5
commit cb6af6a
Showing 1 changed file with 6 additions and 1 deletion.
diff --git a/README.md b/README.md
@@ -106,7 +106,8 @@ As a result, autossh detects the connection problem and restarts SSH.
 
 ## Key generation
 
-You need two pairs of SSH keys to establish a secure SSH connection.
+You need two SSH key pairs to establish a secure SSH connection
+without the risk of MITM (Man-In-The-Middle) attacks.
 We encode the private keys in base64 format to pass them as environment variables.
 
 ```shell
@@ -117,6 +118,10 @@ ssh-keygen -t ed25519 -N '' -C key2-$(date -I) -f key2
 cat key2 | base64 -w 0 > key2.base64
 ```
 
+> [!WARNING]  
+> Make sure both private keys are kept secret.
+> Any file containing a private key should be protected with proper file permissions.
+
 ## Example usage
 
 In this example, both client and server containers are run on the same host.