diff --git a/README.md b/README.md
index f0974773..b318082f 100644
--- a/README.md
+++ b/README.md
@@ -532,7 +532,7 @@ fred-cert.der would be:
 TPM
 ===
-wolfSSH now supports TPM support with client key authentication.
+wolfSSH now supports TPM public key authentication.
 When using TPM for client side public key authentication wolfSSH has
 dependencies on wolfCrypt and wolfTPM. Youll also need to have a tpm simulator
@@ -565,8 +565,10 @@ using:
 $ ./examples/keygen/keygen keyblob.bin -rsa -t -pem
-Take key.pem and convert the TPM public key to the ssh-rsa BASE64 username format:
-`ssh-keygen -f key.pem -i -m PKCS8`. Update echoserver.c user "hansel"'s public key.
+This will produce a key.pem TPM public key which needs to be converted the to
+the ssh-rsa BASE64 username format using this command: `ssh-keygen -f key.pem -i -m PKCS8`
+Take this BASE64 encoded public key and update the `samplePublicKeyRsaBuffer`
+in `echoserver.c` with it. Make sure to the user is "hansel"'s public key.
 The directory `examples` contains an echoserver that any client should be able
 to connect to. From wolfSSH open two terminal instances and run the
diff --git a/examples/echoserver/echoserver.c b/examples/echoserver/echoserver.c
index 48eca62b..81a38052 100644
--- a/examples/echoserver/echoserver.c
+++ b/examples/echoserver/echoserver.c
@@ -43,6 +43,7 @@
 #include
 #include
 #include
+#include
 #include "examples/echoserver/echoserver.h"
diff --git a/src/internal.c b/src/internal.c
index d6cc4752..12783630 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -1546,6 +1546,8 @@ static int GetOpenSshKeyEd25519(ed25519_key* key,
 }
 #endif
+#ifdef WOLFSSH_TPM
+
 #ifndef WOLFSSH_NO_ECDSA
 static int GetOpenSshPublicKeyEcc(ecc_key* key,
 const byte* buf, word32 len, word32* idx)
@@ -1631,6 +1633,8 @@ static int GetOpenSshPublicKey(WS_KeySignature *key,
 return ret;
 }
+#endif /* WOLFSSH_TPM */
+
 /*
 * Decodes an OpenSSH format key.
 */
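Review bot: The new `#ifdef WOLFSSH_TPM` opened in the -1546 hunk of src/internal.c and closed by `+#endif /* WOLFSSH_TPM */` in the -1633 hunk removes GetOpenSshPublicKeyEcc() and GetOpenSshPublicKey() from every non-TPM build, and nothing at the guard says why general-purpose OpenSSH public-key parsers are TPM-only. Presumably they are currently called only from the TPM client-auth path and would otherwise trigger unused-static-function warnings, but a reader of the file cannot tell that; a future non-TPM caller would hit an implicit-declaration error at the call site rather than a clear explanation. Please add a comment on the guard, e.g. `#ifdef WOLFSSH_TPM /* OpenSSH public-key parsers below are only used by the TPM key-auth path */`, and mirror it on the `#endif`. Note that the guard now encloses a `#ifndef WOLFSSH_NO_ECDSA` region whose matching `#endif` is outside both hunks, so the nesting should be checked against the full file.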
@@ -12947,9 +12951,9 @@ static int BuildUserAuthRequestRsa(WOLFSSH* ssh,
 ret = WS_CRYPTO_FAILED;
 }
 else {
-int sigSz;
 WLOG(WS_LOG_INFO, "Signing hash with RSA.");
 #ifdef WOLFSSH_TPM
+int sigSz;
 sigSz = keySig->sigSz;
 if (ssh->ctx->tpmDev && ssh->ctx->tpmKey) {
 ret = wc_RsaPad_ex(encDigest, encDigestSz, output+begin,
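Review bot: `int sigSz;` is now declared after the `WLOG(WS_LOG_INFO, "Signing hash with RSA.");` statement, a mixed declaration that the removed line (at the top of the `else` block) avoided; if this tree is built with `-Wdeclaration-after-statement` or a C89 profile, this line will warn or fail to compile. The unused-variable motivation for the move can be kept while preserving block-top placement: `#ifdef WOLFSSH_TPM` / `    int sigSz;` / `#endif` immediately after `else {`, before the `WLOG` call. Separately, `sigSz` is taken from `keySig->sigSz` and then feeds `wc_RsaPad_ex(..., output+begin, ...)`; whether it is bounded by the space remaining in `output` is not visible in this hunk and is worth confirming, since an oversized value would overrun the output buffer. BuildUserAuthRequestRsa() begins and ends outside the hunk.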