diff --git a/ChangeLog b/ChangeLog
index b66a58906eb40900403df04fa111fcdbf155aac1..6063fa91d96b01f7ae8abc534138b5554593eae3 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -32,6 +32,8 @@ version 0.9.9 -- UNRELEASED
 	   the patch.
 	rdiff:
 	 . Generate 4096 bits RSA keys.
+    documentation changes
+	 . Recommend using 4096 bits RSA keys everywhere.
 
 version 0.9.8.1 -- October 31, 2010 (boo!)
     backupninja changes
diff --git a/README b/README
index 8b01addab4345c7aa7deda22b220f037cdb8279c..41d418681885caebd2f9d2fe28706fed8646e32b 100644
--- a/README
+++ b/README
@@ -201,8 +201,8 @@ In order for rdiff-backup to sync files over ssh unattended, you must
 create ssh keys on the source server and copy the public key to the
 remote user's authorized keys file. For example:
 
-  root@srchost# ssh-keygen -t dsa
-  root@srchost# ssh-copy-id -i /root/.ssh/id_dsa.pub backup@desthost 
+  root@srchost# ssh-keygen -t rsa -b 4096
+  root@srchost# ssh-copy-id -i /root/.ssh/id_rsa.pub backup@desthost
 
 Now, you should be able to ssh from user 'root' on srchost to
 user 'backup' on desthost without specifying a password.
diff --git a/examples/example.dup b/examples/example.dup
index 0ed5b2a87f2f35438806f61fcb7a3a8b122492b6..3eb4529ec9f9f4cf55bf85324b151347f60abef4 100644
--- a/examples/example.dup
+++ b/examples/example.dup
@@ -203,7 +203,7 @@ exclude = /var/cache/backupninja/duplicity
 ## warning: sftp does not support all scp options, especially -i; as
 ## a workaround, you can use "-o <SSHOPTION>"
 ## an example setting would be:
-## sshoptions = -o IdentityFile=/root/.ssh/id_dsa_duplicity
+## sshoptions = -o IdentityFile=/root/.ssh/id_rsa_duplicity
 ##
 ## Default:
 # sshoptions = 
diff --git a/handlers/dup.helper.in b/handlers/dup.helper.in
index 12331a3bea1797719b3fe99b394b3a70dd06ec0e..f85cf879a3c690a133d8366cf251ed98a90add7b 100644
--- a/handlers/dup.helper.in
+++ b/handlers/dup.helper.in
@@ -449,7 +449,7 @@ bandwidthlimit = $dup_bandwidth
 # passed directly to ssh, scp (and sftp in duplicity >=0.4.2)
 # warning: sftp does not support all scp options, especially -i; as
 # a workaround, you can use "-o <SSHOPTION>"
-#sshoptions = -o IdentityFile=/root/.ssh/id_dsa_duplicity
+#sshoptions = -o IdentityFile=/root/.ssh/id_rsa_duplicity
 sshoptions = $dup_sshoptions
 
 # put the backups under this destination directory
diff --git a/man/backupninja.1 b/man/backupninja.1
index 5622881928735ad55d93fd1574fdd75164f720b1..4363222c1441961a95a183fca3e9a66dd0ce1a68 100644
--- a/man/backupninja.1
+++ b/man/backupninja.1
@@ -104,7 +104,7 @@ Then, vital parts of the file system, including /var/backups, are nightly pushed
 .TP
 In order for this to work (ie for diff-backup to run unattended), you must create ssh keys on the source server and copy the public key to the remote user's authorized keys file. For example:
 .br
-root@srchost# ssh-keygen -t dsa
+root@srchost# ssh-keygen -t rsa -b 4096
 .br
 root@srchost# ssh-copy-id -i /root/.ssh/id_dsa.pub backup@desthost
 .TP