summaryrefslogtreecommitdiff
path: root/docs/configuration/protocols/rpki.rst
diff options
context:
space:
mode:
Diffstat (limited to 'docs/configuration/protocols/rpki.rst')
-rw-r--r--docs/configuration/protocols/rpki.rst12
1 files changed, 7 insertions, 5 deletions
diff --git a/docs/configuration/protocols/rpki.rst b/docs/configuration/protocols/rpki.rst
index aeb2941b..acce2d56 100644
--- a/docs/configuration/protocols/rpki.rst
+++ b/docs/configuration/protocols/rpki.rst
@@ -140,11 +140,13 @@ Configuration
SSH
===
-Connections to the RPKI caching server can not only be established by HTTP/TLS
-but you can also rely on a secure SSH session to the server. To enable SSH,
-first you need to create an SSH client keypair using ``generate ssh
-client-key /config/auth/id_rsa_rpki``. Once your key is created you can setup
-the connection.
+Connections to the RPKI caching server can not only be established by TCP using
+the RTR protocol but you can also rely on a secure SSH session to the server.
+This provides transport integrity and confidentiality and it is a good idea if
+your validation software supports it. To enable SSH, first you need to create
+an SSH client keypair using ``generate ssh client-key
+/config/auth/id_rsa_rpki``. Once your key is created you can setup the
+connection.
.. cfgcmd:: set protocols rpki cache <address> ssh username <user>