diff --git a/README.md b/README.md
index b5739eb..41d7f57 100644
--- a/README.md
+++ b/README.md
@@ -12,7 +12,7 @@ In this repo:
 - Create a copy of the inventory file `inventory/cluster_[NAME].yml.tpl`. 
   - Replace `[NAME]` with the name of the cluster and remove te `.tpl` suffix.
 - Inside this file replace all `[NAME]` and update the IPs
-  - In the package the customer will have one new Cloud VPS Bucket, this IP is used for `control.[NAME].k8s.snel.com`
+  - In the package the customer will have one new Cloud VPS Bucket, this IP is used for the Control Load Balancer `control.[NAME].k8s.snel.com`
   - In the package the customer will have 6 new Talos VPSses.
     - The first 3 IPs need to be used for the `talos_control_nodes`
     - The remaining 3 IPs need to be used for the `talos_worker_nodes`
@@ -20,7 +20,22 @@ In this repo:
     - Use these IPs in the inventory file as `ingress_ips` 
     - These will be floating IPs for MetalLB
 
-### Step 3: Execute playbook - VPSses
+## Step 3: Make sure you can login on the Control Load Balancer using your SSH key
+- Copy your public key to the user created by Hostbill
+```bash
+PUBLIC_KEY_FILE="${HOME}/.ssh/id_ed25519"
+ssh-copy-id  -i "${PUBLIC_KEY_FILE}"  client_XXXXX_XX@185.62.XXX.XXX
+```
+- Login as the user created by Hostbill
+```bash
+ssh client_XXXXX_XX@185.62.XXX.XXX
+```
+- Copy the public key to root. The sudo password will be asked which, this is the same as the user password from Hostbill.
+```bash
+sudo  bash -c 'mkdir -p /root/.ssh; cat /home/client_*/.ssh/authorized_keys >> /root/.ssh/authorized_keys'
+```
+
+## Step 3: Execute playbook - VPSses
 Your Vaultwarden vault password will be asked.
 ```zsh
 cd  ~/repos/snel.ansible
@@ -29,7 +44,7 @@ bw  sync
 BW_SESSION=$(bw unlock --raw)  ansible-playbook  site.yml  --limit cluster_[NAME]
 ```
 
-### Execute playbook - (Re)install Talos on Hardware
+## Execute playbook - (Re)install Talos on Hardware
 Your Vaultwarden vault password will be asked.
 ```zsh
 cd  ~/repos/snel.ansible