diff --git a/FAQ.md b/FAQ.md
new file mode 100644
index 0000000000000000000000000000000000000000..d51bf79ba1787c1aaebbc9434f289e00e6cb4d32
--- /dev/null
+++ b/FAQ.md
@@ -0,0 +1,49 @@
+What should I do when rdiff-backup fails?
+=========================================
+
+If rdiff-backup fails, the meta data file may get corrupt. When this
+happens, rdiff-backup will complain loudly every time it is run and
+possibly fail to backup some or all the files.
+
+To force rdiff-backup to rebuild the meta data, set this option in
+the `.rdiff` backup action file:
+
+        options = --force
+
+After a rdiff-backup run has been successful you should remove
+this option.
+
+How to restrict privileges on the backup server?
+================================================
+
+backupninja uses a "push" mechanism, where backups are sent from one
+or several hosts to a centralized backup server.
+
+Mount your backup partition with limited execution rights
+---------------------------------------------------------
+
+Edit `/etc/fstab` to mount your partition with limited rights. For example:
+
+        /home           ext3    defaults,nosuid,noexec,nodev      0       2
+
+Create a user for each client
+-----------------------------
+
+On the backup server, it is important to create a separate user for
+each client.
+
+Use a restricted shell and jail users
+-------------------------------------
+
+Furthermore, you may use a restricted shell like
+[rssh](http://www.pizzashack.org/rssh/index.shtml) or
+[scponly](http://sublimation.org/scponly/wiki/index.php/Main_Page),
+which also offer the ability to jail connections.
+
+On the backup server:
+
+        $ apt-get install scponly
+        $ adduser --disabled-password --home /home/backup/ninja-host1 --shell /usr/bin/scponly ninja-host1
+
+You may now use `ninja-host1` user to connect to the
+`/home/backup/ninja-host1` jail.
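Review bot: In the "Use a restricted shell and jail users" section, the two commands only install scponly and set `/usr/bin/scponly` as the login shell for `ninja-host1`. Nothing shown sets up a chroot, so the closing sentence about connecting to the `/home/backup/ninja-host1` jail promises more than the steps deliver. Either document the chroot setup (scponly's chrooted variant is `scponlyc`, which needs a prepared jail directory) or reword the last sentence to say the account is limited to file-transfer commands with that directory as its home. Because the account is created with `--disabled-password`, the procedure also needs a step that installs the client's public key in the account's `authorized_keys`. Separately, the `/etc/fstab` example has only five fields (the device column is missing) and mounts `/home` rather than the backup partition the heading refers to. A complete six-field line for the backup mount point would be safer to copy.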
diff --git a/README.md b/README.md
index 646a9c6b4fe0820bc2d62dfc6871199ae57218a5..e920cd3f43d544ba167a60532aeac3eba86c2cad 100644
--- a/README.md
+++ b/README.md
@@ -278,3 +278,8 @@ strategy outlined above is the way to go because:
    have root on the production server;
 3. rdiff-backup is more space efficient and featureful than using
    rsync + hard links.
+
+FAQ
+===
+
+See the [FAQ](FAQ.md).