diff --git a/doc/README-SSH.md b/doc/README-SSH.md index 1276f49..2b17e18 100644 --- a/doc/README-SSH.md +++ b/doc/README-SSH.md @@ -129,6 +129,7 @@ Requires=trezor-ssh-agent.socket [Service] Type=simple +Restart=always Environment="DISPLAY=:0" Environment="PATH=/bin:/usr/bin:/usr/local/bin:%h/.local/bin" ExecStart=/usr/bin/trezor-agent --foreground --sock-path %t/trezor-agent/S.ssh IDENTITY @@ -138,6 +139,13 @@ If you've installed `trezor-agent` locally you may have to change the path in `E Replace `IDENTITY` with the identity you used when exporting the public key. +`IDENTITY` can be a path (starting with `/`) to a file containing a list of public keys +generated by Trezor. I.e. `/home/myUser/.ssh/trezor.conf` with one public key per line. +This is a more convenient way to have a systemd setup that has to handle multiple +keys/hosts. + +When updating the file, make sure to restart trezor-agent. + If you have multiple Trezors connected, you can select which one to use via a `TREZOR_PATH` environment variable. Use `trezorctl list` to find the correct path. Then add it to the agent with the following line: @@ -173,9 +181,13 @@ systemctl --user enable trezor-ssh-agent.socket ##### 3. Add this line to your `.bashrc` or equivalent file: ```bash -export SSH_AUTH_SOCK=$(systemctl show --user --property=Listen trezor-ssh-agent.socket | grep -o "/run.*") +export SSH_AUTH_SOCK=$(systemctl show --user --property=Listen trezor-ssh-agent.socket | grep -o "/run.*" | cut -d " " -f 1) ``` +Make sure the SSH_AUTH_SOCK variable matches the location of the socket that trezor-agent +is listening on: `ps -x | grep trezor-agent`. In this setup trezor-agent should start +automatically when the socket is opened. + ##### 4. SSH will now automatically use your device key in all terminals. ## 4. Troubleshooting
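Review bot: In the `@@ -129,6 +129,7 @@` hunk, `Restart=always` is added to `[Service]` with no `RestartSec=` and no sentence in the README explaining why it is needed. `always` also restarts the agent after a clean exit. With no delay configured, a start failure that persists becomes a rapid restart loop until systemd's start rate limit trips. Consider `Restart=on-failure` with an explicit `RestartSec=`, and add a line of documentation next to the unit file stating what problem the restart policy solves.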
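Review bot: In the `@@ -138,6 +139,13 @@` hunk, "make sure to restart trezor-agent" gives no command. Since the agent runs as a user unit in this section, spell it out (presumably `systemctl --user restart trezor-ssh-agent.service`, going by the `trezor-ssh-agent.socket` name used elsewhere in this README). "I.e." introduces an example here, so it should read "e.g.". The hard-coded `/home/myUser/.ssh/trezor.conf` could be written as `%h/.ssh/trezor.conf` to match the `%h` already used in the unit's `PATH` line. It is also worth stating that the file should be writable only by the user, since its contents decide which keys the agent serves.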
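Review bot: In the `@@ -173,9 +181,13 @@` hunk, the suggested check `ps -x | grep trezor-agent` conflicts with the sentence that follows it. If trezor-agent only starts when the socket is opened, there is no process to find until the socket has been used once, and the `grep` can match its own process in the meantime. Suggest telling the reader to trigger the agent first, e.g. with `ssh-add -L`, and then compare `echo $SSH_AUTH_SOCK` against the `--sock-path` value shown by `ps`. The added `cut -d " " -f 1` also deserves a short sentence saying what trailing text it strips from the `systemctl show` output, so readers adapting the line know whether they still need it.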