diff --git a/README.md b/README.md
index d5334f94b8dc121a3744768ba52b7aeb2af9dc3a..43afba58ffc5d600c04c8209d5fd3853119616ca 100644
--- a/README.md
+++ b/README.md
@@ -170,6 +170,27 @@ environment-level settings:
 * `SOFT_SERVE_REPO_PATH`: Path where repos are stored (_default .repos_)
 * `SOFT_SERVE_INITIAL_ADMIN_KEY`: The public key that will initially have admin access to repos (_default ""_). This must be set before `soft` runs for the first time and creates the `config` repo. If set after the `config` repo has been created, this setting has no effect.
 
+
+### A note about RSA keys
+
+Unfortunately, due to a shortcoming in Go’s `x/crypto/ssh` package, Soft Serve
+does not currently support access via new SSH RSA keys: only the old SHA-1
+ones will work.
+
+Until we sort this out you'll either need an SHA-1 RSA key or a key with
+another algorithm, e.g. Ed25519. Not sure what type of keys you have?
+You can check with the following:
+
+```
+$ find ~/.ssh/id_*.pub -exec ssh-keygen -l -f {} \;
+```
+
+If you're curious about the inner workings of this problem have a look at:
+
+- https://github.com/golang/go/issues/37278
+- https://go-review.googlesource.com/c/crypto/+/220037
+- https://github.com/golang/crypto/pull/197
+
 ## License
 
 [MIT](https://github.com/charmbracelet/soft-serve/raw/main/LICENSE)