diff --git a/README.md b/README.md index c996180d..f4eb3779 100644 --- a/README.md +++ b/README.md @@ -130,17 +130,20 @@ NOTE: `sshd_manage_selinux` is limited to *adding* policy. It cannot be used for *removing* policy. If you want to remove ports, you will need to use the selinux system role directly. -#### sshd +#### sshd_config A dict containing configuration. e.g. ```yaml -sshd: +sshd_config: Compression: delayed ListenAddress: - 0.0.0.0 ``` +*Note*: This variable was previous called `sshd`. `sshd` is can still be used +but is deprecated and will be removed in a future release. + #### sshd_`` Simple variables can be used rather than a dict. Simple values override dict @@ -344,7 +347,7 @@ Use these variables to set the ownership and permissions for the Authorized Prin The SSH server needs this information stored in files so in addition to the above variables, respective configuration options `TrustedUserCAKeys` (mandatory) and `AuthorizedPrincipalsFile` (optional) need to be present the `sshd` dictionary when invoking the role. For example: ```yaml -sshd: +sshd_config: TrustedUserCAKeys: /etc/ssh/path-to-trusted-user-ca-keys/trusted-user-ca-keys.pub AuthorizedPrincipalsFile: "/etc/ssh/path-to-auth-principals/auth_principals/%u" ``` @@ -370,7 +373,7 @@ provides. Running it will likely break your SSH access to the server! - hosts: all vars: sshd_skip_defaults: true - sshd: + sshd_config: Compression: true ListenAddress: - "0.0.0.0" @@ -413,7 +416,7 @@ for example: name: willshersystems.sshd vars: sshd_skip_defaults: true - sshd: + sshd_config: Compression: true ListenAddress: - "0.0.0.0" @@ -440,7 +443,7 @@ option: name: willshersystems.sshd vars: sshd_config_namespace: accept-env - sshd: + sshd_config: # there are some handy environment variables to accept AcceptEnv: LANG diff --git a/examples/example-accept-env.yml b/examples/example-accept-env.yml index b5a800a7..f2bac8ed 100644 --- a/examples/example-accept-env.yml +++ b/examples/example-accept-env.yml 
@@ -7,7 +7,7 @@
 name: ansible-sshd
 vars:
 sshd_config_namespace: accept-env
- sshd:
+ sshd_config:
 # there are some handy environment variables to accept
 AcceptEnv:
 LANG
diff --git a/examples/example-root-login.yml b/examples/example-root-login.yml
index e47e6c27..1f6b8184 100644
--- a/examples/example-root-login.yml
+++ b/examples/example-root-login.yml
@@ -6,7 +6,7 @@
 ansible.builtin.include_role:
 name: ansible-sshd
 vars:
- sshd:
+ sshd_config:
 # root login and password login is enabled only from a particular subnet
 PermitRootLogin: false
 PasswordAuthentication: false
diff --git a/examples/example-use-certificates.yml b/examples/example-use-certificates.yml
index 59dd00e4..dadae294 100644
--- a/examples/example-use-certificates.yml
+++ b/examples/example-use-certificates.yml
@@ -6,7 +6,7 @@
 ansible.builtin.include_role:
 name: ansible-sshd
 vars:
- sshd:
+ sshd_config:
 # Disable password authentication, use SSH Certificates and configure authorized principals
 PasswordAuthentication: false
 TrustedUserCAKeys: /etc/ssh/trusted-user-ca-keys.pub
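Review bot: None of the three example playbooks says which role release first reads `sshd_config`, and Ansible does not warn about a `vars:` key that a role never references. If an example is copied against an older release, hardening settings such as `PermitRootLogin: false` and `PasswordAuthentication: false` (examples/example-root-login.yml, examples/example-use-certificates.yml) would presumably be ignored silently and the host left on the role defaults. I would add a comment above the key in each example, e.g. `# sshd_config replaces the deprecated sshd dict; older role releases only read sshd`. It would also help to state which dict wins when an inventory still defines `sshd` and a playbook sets `sshd_config`, since that logic is not visible in this diff. Each task body continues past the end of its hunk.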