diff --git a/etc/ssh/ssh_config.d/30_security-misc.conf b/etc/ssh/ssh_config.d/30_security-misc.conf
index 6693f72..b582dd1 100644
--- a/etc/ssh/ssh_config.d/30_security-misc.conf
+++ b/etc/ssh/ssh_config.d/30_security-misc.conf
@@ -7,6 +7,9 @@
 ## need to be system-wide, you may also consider placing overrides in
 ## ~/.ssh/config.
 
+## See also:
+## https://www.kicksecure.com/wiki/SSH#Client_Configuration_File
+
 Host *
   VisualHostKey yes
   Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes256-ctr
diff --git a/etc/ssh/sshd_config.d/30_security-misc.conf b/etc/ssh/sshd_config.d/30_security-misc.conf
index 5abf9cc..f279fee 100644
--- a/etc/ssh/sshd_config.d/30_security-misc.conf
+++ b/etc/ssh/sshd_config.d/30_security-misc.conf
@@ -5,6 +5,9 @@
 ## number that is read later by SSHD, such as
 ## '/etc/ssh/sshd_config.d/50_user.conf'.
 
+## See also:
+## https://www.kicksecure.com/wiki/SSH#Server_Configuration_File
+
 ## This is okay because of strict firewall. For an onion-only server, listen
 ## on 127.0.0.1.
 ListenAddress 0.0.0.0