diff --git a/Changelog.md b/Changelog.md
index 2378f11..88043b7 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -1,3 +1,12 @@
+## 0.9.7
+
+ * The insecure key is now also available in PuTTY format. (Thomas LÉVEIL)
+ * Fixed `enable_insecure_key` removing already installed SSH keys. (Thomas LÉVEIL)
+ * Improved and fixed bugs in `my_init` (Thomas LÉVEIL):
+ * It is now possible to enable the insecure key by passing `--enable-insecure-key` to `my_init`. This allows users to easily enable the insecure key for convenience reasons, without having the insecure key enabled permanently in the image.
+ * Fixed a bug that causes it not to print messages to stdout when there is no pseudo terminal. This is because Python buffers stdout by default.
+ * Fixed an incorrectly printed message.
+
## 0.9.6 (release date: 2014-02-17)
* Fixed a bug in `my_init`: child processes that have been adopted during execution of init scripts are now properly reaped.
diff --git a/README.md b/README.md
index 65ab7b8..53362b4 100644
--- a/README.md
+++ b/README.md
@@ -42,6 +42,9 @@ You can configure the stock `ubuntu` image yourself from your Dockerfile, so why
* [Running scripts during container startup](#running_startup_scripts)
* [Running a one-shot command in the container](#oneshot)
* [Login to the container via SSH](#login)
+ * [Using the insecure key for one container only](#using_the_insecure_key_for_one_container_only)
+ * [Enabling the insecure key permanently](#enabling_the_insecure_key_permanently)
+ * [Using your own key](#using_your_own_key)
* [Disabling SSH](#disabling_ssh)
* [Building the image yourself](#building)
* [Conclusion](#conclusion)
@@ -207,12 +210,15 @@ You can use SSH to login to any container that is based on baseimage-docker.
The first thing that you need to do is to ensure that you have the right SSH keys installed inside the container. By default, no keys are installed, so you can't login. For convenience reasons, we provide [a pregenerated, insecure key](https://github.com/phusion/baseimage-docker/blob/master/image/insecure_key) [(PuTTY format)](https://github.com/phusion/baseimage-docker/blob/master/image/insecure_key.ppk) that you can easily enable. However, please be aware that using this key is for convenience only. It does not provide any security because this key (both the public and the private side) is publicly available. **In production environments, you should use your own keys**.
-#### Using the insecure key
+
+#### Using the insecure key for one container only
-Start a container with `--enable-insecure-key`
+You can temporarily enable the insecure key for one container only. This means that the insecure key is installed at container boot. If you `docker stop` and `docker start` the container, the insecure key will still be there, but if you use `docker run` to start a new container then that container will not contain the insecure key.
+
+Start a container with `--enable-insecure-key`:
docker run YOUR_IMAGE /sbin/my_init --enable-insecure-key
-
+
Find out the ID of the container that you just ran:
docker ps
@@ -227,7 +233,18 @@ Now SSH into the container as follows:
chmod 700 insecure_key
ssh -i insecure_key root@
+
+#### Enabling the insecure key permanently
+It is also possible to enable the insecure key in the image permanently. This is not generally recommended, but it suitable for e.g. temporary development or demo environments where security does not matter.
+
+Edit your Dockerfile to install the insecure key permanently:
+
+ RUN /usr/sbin/enable_insecure_key
+
+Instructions for logging in the container is the same as in section [Using the insecure key for one container only](#using_the_insecure_key_for_one_container_only).
+
+
#### Using your own key
Edit your Dockerfile to install an SSH key:
@@ -239,7 +256,7 @@ Edit your Dockerfile to install an SSH key:
Then rebuild your image. Once you have that, start a container based on that image:
docker run your-image-name
-
+
Find out the ID of the container that you just ran:
docker ps