From 2b9c0556a4f163a345b80a46500d55053218e02b Mon Sep 17 00:00:00 2001 From: John Lancaster <32917998+jsl12@users.noreply.github.com> Date: Sat, 3 Jan 2026 22:49:45 -0600 Subject: [PATCH] readme content --- README.md | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 738402c..07695eb 100644 --- a/README.md +++ b/README.md @@ -18,6 +18,8 @@ step ca init --ssh --acme ## SSH Certificates +### Server + Use step-ca to sign an existing public key to produce a signed certificate with some principals on it. ``` @@ -41,4 +43,17 @@ TrustedUserCAKeys /etc/ssh/ssh_user_ca.pub HostKey /etc/ssh/ssh_host_ed25519_key HostCertificate /etc/ssh/ssh_host_ed25519_key-cert.pub EOF -``` \ No newline at end of file +``` + +``` +systemctl reload sshd +``` + +### Client + +``` +step ssh certificate --sign \ +--principal root --principal john \ +--provisioner admin \ +john@john-pc-ubuntu ~/.ssh/id_ed25519.pub +```
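Review bot: In the first hunk (@@ -18,6 +18,8 @@), the sentence that now sits under the new `### Server` heading still reads "sign an existing public key" without saying that it is the host's key being signed. Once a `### Client` section that also signs a public key follows it, the two sections are told apart only by their headings. Suggest rewording the sentence to name the host key explicitly, or moving the generic sentence up under `## SSH Certificates` and giving each subsection its own one-line description.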
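Review bot: In the second hunk (@@ -41,4 +43,17 @@), the Client example signs the user key with `--principal root` alongside `--principal john`, while the sshd_config in the context lines trusts the CA through `TrustedUserCAKeys /etc/ssh/ssh_user_ca.pub` with no principals restriction visible. Anyone copying the command as written gets a certificate that, as far as the shown config goes, is valid for the root account on every host set up this way. Suggest dropping `--principal root` from the README example and keeping only the user's own principal, with a sentence noting that extra principals are a deliberate choice. The Client section also has no prose at all: a line saying what the command produces and how long the certificate is valid would match the Server section. Separately, the bare `systemctl reload sshd` is applied right after a heredoc that rewrites sshd configuration; running `sshd -t` first, for example `sshd -t && systemctl reload sshd`, would catch a bad config before the daemon picks it up.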