Update example config files

examples/chrony.keys.example

@@ -1,26 +1,30 @@
 #######################################################################
 #
 # This is an example chrony keys file.  You should copy it to /etc/chrony.keys
-# after editing it to set up the key(s) you want to use.  In most situations,
-# you will require a single key (the 'commandkey') so that you can supply a
-# password to chronyc to enable you to modify chronyd's operation whilst it is
-# running.
+# after editing it to set up the key(s) you want to use.  It should be readable
+# only by root or the user chronyd drops the root privileges to.  In most
+# situations, you will require a single key (the 'commandkey') so that you can
+# supply a password to chronyc to enable you to modify chronyd's operation
+# whilst it is running.
 #
 # Copyright 2002 Richard P. Curnow
 #
 #######################################################################
 # A valid key line looks like this
 
-1 a_key
+#1 MD5 HEX:B028F91EA5C38D06C2E140B26C7F41EC
 
-# It must consist of an integer, followed by whitespace, followed by a block of
-# text with no spaces in it.  (You cannot put a space in a key).  If you wanted
-# to use the above line as your commandkey (i.e. chronyc password), you would
-# put the following line into chrony.conf (remove the # from the start):
+# The key should be random for maximum security.  If you wanted to use the
+# above line as your commandkey (i.e. chronyc password) you would put the
+# following line into chrony.conf (remove the # from the start):
 
 # commandkey 1
 
-# You might want to define more keys if you use the MD5 authentication facility
+# A secure command key can be generated and added to the keyfile automatically
+# by adding the following directive to chrony.conf:
+
+# generatecommandkey
+
+# You might want to define more keys if you use the authentication facility
 # in the network time protocol to authenticate request/response packets between
 # trusted clients and servers.
-