diff --git a/README.md b/README.md
index 51f9009..638b4f9 100644
--- a/README.md
+++ b/README.md
@@ -490,13 +490,22 @@ EOF
 Generate Signature, Encryption and Authentication Subkeys using the previously configured key type, passphrase and expiration:
 
 ```console
-for SUBKEY in sign encrypt auth ; do \
-    echo "$CERTIFY_PASS" | \
+echo "$CERTIFY_PASS" | \
     gpg --batch --pinentry-mode=loopback --passphrase-fd 0 \
-        --quick-add-key "$KEYFP" "$KEY_TYPE" "$SUBKEY" "$EXPIRATION"
-done
+        --quick-add-key "$KEYFP" "$KEY_TYPE" sign "$EXPIRATION"
+
+echo "$CERTIFY_PASS" | \
+    gpg --batch --pinentry-mode=loopback --passphrase-fd 0 \
+        --quick-add-key "$KEYFP" "$KEY_TYPE" encrypt "$EXPIRATION"
+
+echo "$CERTIFY_PASS" | \
+    gpg --batch --pinentry-mode=loopback --passphrase-fd 0 \
+        --quick-add-key "$KEYFP" "$KEY_TYPE" auth "$EXPIRATION"
 ```
 
+> [!NOTE]
+> Some systems no longer accept RSA keys for SSH authentication; set the `KEY_TYPE` variable to `ed25519` before generating the last `auth` subkey.
+
 # Verify keys
 
 List available secret keys: