openpubkey · EthanHeilman · Sep 18, 2025 · Sep 16, 2025 · Sep 18, 2025 · Sep 18, 2025
diff --git a/commands/verify.go b/commands/verify.go
@@ -75,9 +75,9 @@ func NewVerifyCmd(pktVerifier verifier.Verifier, checkPolicy PolicyEnforcerFunc,
 
 // This function is called by the SSH server as the AuthorizedKeysCommand:
 //
-// The following lines are added to /etc/ssh/sshd_config:
+// By default, the following lines are added to the sshd_config at /etc/ssh/sshd_config.d/60-opk-ssh.conf:
 //
-//	AuthorizedKeysCommand /usr/local/bin/opkssh ver %u %k %t
+//	AuthorizedKeysCommand /usr/local/bin/opkssh verify %u %k %t
 //	AuthorizedKeysCommandUser opksshuser
 //
 // The parameters specified in the config map the parameters sent to the function below.

diff --git a/scripts/installing.md b/scripts/installing.md
@@ -101,8 +101,9 @@ add a new configuration file with a lower starting number than other configurati
 
 For example, if the file `/etc/ssh/sshd_config.d/20-systemd-userdb.conf` exists,
 create `/etc/ssh/sshd_config.d/19-opk-ssh.conf` with the lines above.
+By default, the opkssh installer will create this file at `/etc/ssh/sshd_config.d/60-opk-ssh.conf`.
 
-Verify the setting is active with 
+Verify the setting is active with
 
 ```bash
 sudo sshd -T | grep authorizedkeyscommand