1 files changed, 16 insertions, 2 deletions

diff --git a/doc/appendix/guides/import-existing-ssh-keys.txt b/doc/appendix/guides/import-existing-ssh-keys.txt
index 6ce41ba60..4e2282044 100644
--- a/doc/appendix/guides/import-existing-ssh-keys.txt
+++ b/doc/appendix/guides/import-existing-ssh-keys.txt
@@ -1,4 +1,5 @@
 .. -*- mode: rst -*-
+.. vim: ft=rst
 
 .. _appendix-guides-import-existing-ssh-keys:
 
@@ -21,11 +22,24 @@ Add a bundle for ssh
 
 After verifying that SSHbase is listed on the plugins line in
 ``/etc/bcfg2.conf``, you need to create a bundle containing the
-appropriate entries.
+appropriate entries.  In general, you can use a path glob:
 
 .. code-block:: xml
 
     <Bundle>
+      <Path glob="/etc/ssh/*"/>
+    </Bundle>
+
+If you need more granular control -- e.g., other entries in
+``/etc/ssh`` are specified in other bundles -- you can also list the
+files explicity:
+
+.. code-block:: xml
+
+    <Bundle>
+      <!-- requires a version of openssh that can generate ecdsa keys -->
+      <Path name="/etc/ssh/ssh_host_ecdsa_key"/>
+      <Path name="/etc/ssh/ssh_host_ecdsa_key.pub"/>
       <Path name='/etc/ssh/ssh_host_dsa_key'/>
       <Path name='/etc/ssh/ssh_host_rsa_key'/>
       <Path name='/etc/ssh/ssh_host_dsa_key.pub'/>
@@ -83,7 +97,7 @@ Now, we pull the ssh host key data for the client out of the uploaded
 stats and insert it as host-specific copies of these files in
 ``/var/lib/bcfg2/SSHBase``.::
 
-    for key in ssh_host_rsa_key ssh_host_dsa_key ssh_host_key; do
+    for key in ssh_host_ecdsa_key ssh_host_rsa_key ssh_host_dsa_key ssh_host_key; do
         sudo bcfg2-admin pull <clientname> Path /etc/ssh/$key
         sudo bcfg2-admin pull <clientname> Path /etc/ssh/$key.pub
     done