From 3a0570fbf403d206c1f6ecdcfa4ac2829755b902 Mon Sep 17 00:00:00 2001
From: Colin Dean <colindean@users.noreply.github.com>
Date: Sun, 5 May 2024 12:57:52 -0400
Subject: [PATCH] Nudge user to use PEM format for SSH keys

See also:

https://github.com/duplicati/duplicati/issues/3360

https://forum.duplicati.com/t/openssh-rsa-keys-not-supported/12619/8

Duplicati uses SSH.NET. https://github.com/sshnet/SSH.NET/issues/485 describes the need for PEM format.
---
 docs/05-storage-providers.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/docs/05-storage-providers.md b/docs/05-storage-providers.md
index 91513f7..bfd7f21 100644
--- a/docs/05-storage-providers.md
+++ b/docs/05-storage-providers.md
@@ -263,6 +263,7 @@ To guard against man-in-the-middle attacks, the server fingerprint is verified o
 * `--ssh-keyfile`
 Points to a valid OpenSSH keyfile. If the file is encrypted, the password supplied is used to decrypt the keyfile.
 If this option is supplied, the password is not used to authenticate. This option only works when using the managed SSH client.
+This key should be in PEM format, e.g. created with `ssh-keygen -m pem`.
 * `--ssh-key`
 An url-encoded SSH private key. The private key must be prefixed with `sshkey://`. If the file is encrypted, the password supplied is used to decrypt the keyfile. If this option is supplied, the password is not used to authenticate. This option only works when using the managed SSH client.
 * `--ssh-operation-timeout = 0`