diff --git a/README.md b/README.md
index a9a6f8e..3df031e 100644
--- a/README.md
+++ b/README.md
@@ -31,7 +31,7 @@ services:
       - /var/run/docker.sock:/var/run/docker.sock
       - ~/.ssh/authorized_keys:/etc/bastion/authorized_keys.host:ro
       - ./docker/bastion/authorized_keys:/etc/bastion/authorized_keys.repo:ro
-      - bastion-keys:/etc/ssh/keys
+      - ./docker-data/bastion-app/keys:/etc/ssh/keys
     restart: unless-stopped
 
   ssh-deploy:
@@ -44,14 +44,15 @@ services:
       - /var/run/docker.sock:/var/run/docker.sock
       - .:/workspace:ro
       - ~/.ssh/authorized_keys:/etc/bastion/authorized_keys.host:ro
-      - bastion-keys-deploy:/etc/ssh/keys
+      - ./docker-data/bastion-deploy/keys:/etc/ssh/keys
     restart: unless-stopped
-
-volumes:
-  bastion-keys:
-  bastion-keys-deploy:
 ```
 
+> Host keys live in `./docker-data/bastion-*/keys/` as bind mounts — never
+> named volumes. `docker compose down -v` then can't wipe them, and the
+> client doesn't see "REMOTE HOST IDENTIFICATION HAS CHANGED" after a
+> rebuild. Gitignore `docker-data/` in the surrounding repo.
+
 Then from the client:
 
 ```bash