Update with secure password encryption methods

By default ssh-keygen uses an insecure password encryption method on the ssh key.
This change will add options to better protect the key.
See this page for more detail: https://latacora.singles/2018/08/03/the-default-openssh.html

Even if the user does not set a password, using the `-o` option needs to become
the new standard way to run `ssh-keygen`, since the default behavior is insecure.
Your help in establishing this option will be greatly appreciated and will help
improve overall security for your users and ssh users in general.

Originally submitted at
https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/6796.
Signed-off-by: NRémy Coutable <remy@rymai.me>

doc/ssh/README.md

@@ -48,9 +48,11 @@ Note that Public SSH key may also be named as follows:
     **Git Bash on Windows / GNU/Linux / macOS:**
 
     ```bash
-    ssh-keygen -t rsa -C "your.email@example.com" -b 4096
+    ssh-keygen -o -t rsa -C "your.email@example.com" -b 4096
     ```
 
+    (Note: the `-o` option was introduced in 2014; if this command does not work for you, simply remove the `-o` option and try again)
+
     **Windows:**
 
     Alternatively on Windows you can download
@@ -75,7 +77,9 @@ Note that Public SSH key may also be named as follows:
 
      NOTE: **Note:**
      If you want to change the password of your SSH key pair, you can use
-     `ssh-keygen -p <keyname>`.
+     `ssh-keygen -p -o -f <keyname>`.
+     The `-o` option was added in 2014, so if this command does not work for you,
+     simply remove the `-o` option and try again.
 
 ## Adding a SSH key to your GitLab account