Compare revisions

ca172c8e · b47ea148 · c1f53d0d · caa4ca67 · e06f4911 · 51807d0b
--- a/generator @ 53a922a1
+++ b/generator @ 53a922a1
-Subproject commit d73c076d4d529517a1457fc4a7a09d8906b6a13c
+Subproject commit 53a922a13c4e8916c97599b5242493a47ea0a2e2
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -176,7 +176,7 @@ deploy:vm:
    - echo "$KNOWNHOSTS" > ~/.ssh/known_hosts
    - chmod 644 ~/.ssh/known_hosts
  rules:
-    - if: '$CI_PIPELINE_SOURCE != "merge_request_event" && $CI_COMMIT_REF_NAME == "develop" && $CI_PROJECT_PATH == "R3/howto-cards"'
+    #- if: '$CI_PIPELINE_SOURCE != "merge_request_event" && $CI_COMMIT_REF_NAME == "develop" && $CI_PROJECT_PATH == "R3/howto-cards"'
    - if: '$CI_PIPELINE_SOURCE != "merge_request_event" && $CI_COMMIT_REF_NAME == "master" && $CI_PROJECT_PATH == "R3/howto-cards"'
  script:
    - ssh -p $SSHPORT $SSHCONNECT "mkdir -p ~/$CI_COMMIT_REF_NAME/sources/public/$CI_JOB_ID ~/$CI_COMMIT_REF_NAME/public"

--- a/cards.md
+++ b/cards.md
@@ -57,6 +57,7 @@ order: -1
 			<li><a href="{{ 'external/contribute/markdown' | relative_url }}">Markdown</a></li>
 			<li><a href="{{ 'external/contribute/mirror-fork' | relative_url }}">Mirror fork automatically</a></li>
 			<li><a href="{{ 'external/contribute/review' | relative_url }}">Reviewing in Git</a></li>
+			<li><a href="{{ 'external/contribute/ssh-key-generation' | relative_url }}">Key-based Authentication on GitLab</a></li>
 			<li><a href="{{ 'external/contribute/supersede' | relative_url }}">Take over a stale merge request</a></li>
 			<li><a href="{{ 'external/contribute/vscode' | relative_url }}">Contribute using Visual Studio Code</a></li>
 			<li><a href="{{ 'external/contribute/web-ide' | relative_url }}">Contribute using Gitlab Web IDE</a></li>
@@ -66,11 +67,13 @@ order: -1
 	<div class="index-box noborderbox" id="exchange-channels-card">
 		<h3>Exchange channels</h3>
 		<ul>
-			<li><a href="{{ 'external/exchange-channels/lft' | relative_url }}">LCSB file transfer (LFT) Quick Guide</a></li>
-			<li><a href="{{ 'external/exchange-channels/calendar' | relative_url }}">Sharing calendar in Microsoft Exchange</a></li>
 			<li><a href="{{ 'external/exchange-channels/asperaweb' | relative_url }}">AsperaWEB Quick Guide</a></li>
-			<li><a href="{{ 'external/exchange-channels/owncloud' | relative_url }}">Owncloud</a></li>
+			<li><a href="{{ 'external/exchange-channels/atlas-hpc' | relative_url }}">Data transfer between Atlas and UL HPC Clusters</a></li>
+			<li><a href="{{ 'external/exchange-channels/calendar' | relative_url }}">Sharing calendar in Microsoft Exchange</a></li>
 			<li><a href="{{ 'external/exchange-channels/cryptomator' | relative_url }}">Cryptomator</a></li>
+			<li><a href="{{ 'external/exchange-channels/lft' | relative_url }}">LCSB file transfer (LFT) Quick Guide</a></li>
+			<li><a href="{{ 'external/exchange-channels/owncloud' | relative_url }}">Owncloud</a></li>
 		</ul>
 	</div>
 	<div class="index-box noborderbox" id="general-card">
@@ -96,32 +99,43 @@ order: -1
 			<li><a href="{{ 'external/integrity/organization' | relative_url }}">Organization</a></li>
 			<li><a href="{{ 'external/integrity/sanitisation' | relative_url }}">Sanitising Data Files</a></li>
 			<li><a href="{{ 'external/integrity/spreadsheets' | relative_url }}">Working with spreadsheets</a></li>
+			<li><a href="{{ 'external/integrity/transfer/owncloud-privatebin' | relative_url }}">Transfer of Human Data with OwnCloud</a></li>
 		</ul>
 	</div>
 	<div class="index-box noborderbox" id="lab-equipment-card">
 		<h3>Lab: Equipment</h3>
 		<ul>
-			<li><a href="{{ 'external/lab-equipment/cryostorage' | relative_url }}">Utilization of the cryostorage</a></li>
+			<li><a href="{{ 'external/lab-equipment/autoclaves' | relative_url }}">Autoclaves: utilization</a></li>
-			<li><a href="{{ 'external/lab-equipment/dishwasher-utilization-and-maintenance' | relative_url }}">Dishwasher utilization and maintenance</a></li>
+			<li><a href="{{ 'external/lab-equipment/balances' | relative_url }}">Balances: utilization and maintenance</a></li>
-			<li><a href="{{ 'external/lab-equipment/electric-car' | relative_url }}">LCSB Electric Car</a></li>
+			<li><a href="{{ 'external/lab-equipment/biosafety-cabinets' | relative_url }}">Biosafety Cabinets: good practices</a></li>
-			<li><a href="{{ 'external/lab-equipment/hoods' | relative_url }}">Laminar Flow - Fume Hood - Biosafety Cabinet: what are the differences and when to use them?</a></li>
+			<li><a href="{{ 'external/lab-equipment/cold-traps' | relative_url }}">Cold traps: maintenance</a></li>
-			<li><a href="{{ 'external/lab-equipment/incubators' | relative_url }}">Maintenance of incubators</a></li>
+			<li><a href="{{ 'external/lab-equipment/cryostorage' | relative_url }}">Cryostorage: utilization</a></li>
-			<li><a href="{{ 'external/lab-equipment/lightcycler' | relative_url }}">How to leave virtual instrument mode on the LightCycler</a></li>
+			<li><a href="{{ 'external/lab-equipment/dishwasher-utilization-and-maintenance' | relative_url }}">Dishwasher: utilization and maintenance</a></li>
-			<li><a href="{{ 'external/lab-equipment/maintenance-of-fridges' | relative_url }}">Maintenance of fridges and freezers</a></li>
+			<li><a href="{{ 'external/lab-equipment/electric-car' | relative_url }}">Electric Car</a></li>
-			<li><a href="{{ 'external/lab-equipment/maintenance_of_cold_traps' | relative_url }}">Maintenance of cold traps  </a></li>
+			<li><a href="{{ 'external/lab-equipment/freezers' | relative_url }}">-20°C Freezers: maintenance</a></li>
-			<li><a href="{{ 'external/lab-equipment/power-consumption' | relative_url }}">Equipment power consumption</a></li>
+			<li><a href="{{ 'external/lab-equipment/freezers-80' | relative_url }}">-80°C freezers: maintenance</a></li>
-			<li><a href="{{ 'external/lab-equipment/utilization-of-autoclaves' | relative_url }}">Utilization of autoclaves</a></li>
+			<li><a href="{{ 'external/lab-equipment/freezers-150' | relative_url }}">-150°C freezers: maintenance</a></li>
-			<li><a href="{{ 'external/lab-equipment/utilization-of-balances' | relative_url }}">Utilization of balances</a></li>
+			<li><a href="{{ 'external/lab-equipment/fridges' | relative_url }}">Fridges: maintenance</a></li>
-			<li><a href="{{ 'external/lab-equipment/utilization-of-bsc' | relative_url }}">Biosafety Cabinets: good practices</a></li>
+			<li><a href="{{ 'external/lab-equipment/hoods' | relative_url }}">Hoods: Laminar Flow - Fume Hood - Biosafety Cabinet</a></li>
-			<li><a href="{{ 'external/lab-equipment/utilization-of-pH-meter' | relative_url }}">Utilization of pH meter</a></li>
+			<li><a href="{{ 'external/lab-equipment/incubators' | relative_url }}">Incubators: maintenance</a></li>
+			<li><a href="{{ 'external/lab-equipment/lightcycler' | relative_url }}">LightCycler: leave the virtual instrument mode</a></li>
+			<li><a href="{{ 'external/lab-equipment/pH-meter' | relative_url }}">pH meter: utilization and maintenance</a></li>
+			<li><a href="{{ 'external/lab-equipment/power-consumption' | relative_url }}">Power consumption of the equipment</a></li>
+		</ul>
+	</div>
+	<div class="index-box noborderbox" id="lab-good-practice-card">
+		<h3>Lab: Good Practice</h3>
+		<ul>
+			<li><a href="{{ 'external/lab-good-practice/mycoplasma' | relative_url }}">Mycoplasma contamination check</a></li>
 		</ul>
 	</div>
 	<div class="index-box noborderbox" id="lab-hsa-card">
 		<h3>Lab: Health & Safety, Access</h3>
 		<ul>
-			<li><a href="{{ 'external/lab-hsa/diphoterine' | relative_url }}">Usage of Diphoterine</a></li>
+			<li><a href="{{ 'external/lab-hsa/diphoterine' | relative_url }}">Diphoterine: utilization</a></li>
 			<li><a href="{{ 'external/lab-hsa/handwashing' | relative_url }}">Handwashing</a></li>
 			<li><a href="{{ 'external/lab-hsa/lab-coats' | relative_url }}">Lab coats</a></li>
 			<li><a href="{{ 'external/lab-hsa/personal-alert-safety-system' | relative_url }}">Personal alert safety system (PASS)</a></li>
@@ -129,16 +143,16 @@ order: -1
 			<li><a href="{{ 'external/lab-hsa/ppe' | relative_url }}">Personal Protective Equipment (PPE)</a></li>
 			<li><a href="{{ 'external/lab-hsa/shipment' | relative_url }}">Shipment of biological or chemical samples with carrier</a></li>
 			<li><a href="{{ 'external/lab-hsa/spill' | relative_url }}">Spill in a laboratory</a></li>
-			<li><a href="{{ 'external/lab-hsa/spill-bsc' | relative_url }}">How to deal with a spill in a BSC</a></li>
+			<li><a href="{{ 'external/lab-hsa/spill-bsc' | relative_url }}">Spill in a Biosafety Cabinet</a></li>
-			<li><a href="{{ 'external/lab-hsa/waste' | relative_url }}">Chemical and Biological Waste Management</a></li>
+			<li><a href="{{ 'external/lab-hsa/waste' | relative_url }}">Waste Management: Chemical and Biological waste</a></li>
 		</ul>
 	</div>
 	<div class="index-box noborderbox" id="lab-quarks-card">
 		<h3>Lab: Quarks</h3>
 		<ul>
-			<li><a href="{{ 'external/lab-quarks/book-lab-equipment' | relative_url }}">How to book a Lab Equipment in Quarks</a></li>
+			<li><a href="{{ 'external/lab-quarks/book-lab-equipment' | relative_url }}">Booking of a Lab Equipment</a></li>
-			<li><a href="{{ 'external/lab-quarks/quarks-general' | relative_url }}">Quarks - General information</a></li>
+			<li><a href="{{ 'external/lab-quarks/general' | relative_url }}">General information on Quarks</a></li>
 		</ul>
 	</div>

--- a/external/contribute/ssh-key-generation/ssh-key-generation.md
+++ b/external/contribute/ssh-key-generation/ssh-key-generation.md
@@ -15,7 +15,7 @@ Key-based authentication allows GitLab users to identify their device once on th
 SSH uses a public and a private key:
 - The public key must be registered in GitLab, where it "identifies" your device.
- The private key must stay secret and preferably you should only keep it on a single device. The private key is the only key that can be used to authenticate your identity against the public key uploaded to GitLab -- if it becomes public, anyone could impersonate your identity and thus use your GitLab account. **Make sure you do not upload the private key anywhere by accident, not even to GitLab.**
+- The private key must stay secret and preferably you should only keep it on a single device. The private key is the only key that can be used to authenticate your identity against the public key uploaded to GitLab -- if it becomes public, anyone can impersonate your identity and thus use your GitLab account. **Make sure you do NOT upload the private key anywhere by accident, not even to GitLab.**
 # Prerequisites

--- a/external/exchange-channels/atlas-hpc/atlas-hpc.md
+++ b/external/exchange-channels/atlas-hpc/atlas-hpc.md
+---
+layout: page
+permalink: /external/exchange-channels/atlas-hpc/
+shortcut: exchange-channels:atlas-hpc
+redirect_from:
+  - /cards/exchange-channels:atlas-hpc
+  - /external/exchange-channels:atlas-hpc
+  - /integrity/exchange-channels/atlas-hpc
+  - /external/external/exchange-channels/atlas-hpc/
+  - /cards/integrity/transfer:atlas-hpc
+  - /external/integrity/transfer:atlas-hpc
+  - /integrity/transfer/atlas-hpc
+  - /external/external/integrity/transfer/atlas-hpc/
+---
+# Data transfer between Atlas and UL HPC Clusters
+A recommended storage pattern is to have the master copy of data on Atlas (project folder) and only store data on the UL HPC Clusters temporarily for the required practical duration of computational analysis. The derived data and results should hereafter be transferred back to Atlas. This How-to Card describes the different methods to transfer data between Atlas and the UL HPC Clusters. The three recommended methods to transfer data are:
+1. [Via laptop with ```scp``` or ```rsync```](#1-via-laptop-using-scp-or-rsync)
+2. [Via dedicated Virtual Machine (VM)](#2-via-dedicated-virtual-machine-using-rsync)
+3. [Via Large File Transfer (LFT)](#3-via-large-file-transfer-lft) 
+Please refer to the dedicated knowledge bases to see how to [connect to UL HPC Clusters](https://hpc-docs.uni.lu/connect/access/) and to [mount Atlas](https://service.uni.lu/sp?id=kb_article_view&sysparm_article=KB0010233). 
+<img src="img/data-transfer-flow.png">
+## 1. Via laptop using `scp` or `rsync`
+When using the UL laptop to transfer data between UL HPC Clusters and Atlas, you must [mount Atlas via smb on laptop](https://service.uni.lu/sp?id=kb_article_view&sysparm_article=KB0010233) before using `scp` and `rsync` for the transfer. While both commands ensure a secure transfer of data between the UL HPC Clusters and Atlas, `rsync` may be much faster for handling large amounts of small files (which are transferred very quickly in batches), and for selective incremental updates of large datasets (it is capable to automatically transferring only the changed files, thus saving time).
+* `scp`: transfers all files and directories.
+* `rsync`: transfers only the files which differ between the source and the destination.
+Please visit the [UL HPC documentation](https://hpc-docs.uni.lu/data/transfer/#data-transfer-tofromwithin-ul-hpc-clusters) to see how to use `rsync` and `scp`.
+## 2. Via dedicated Virtual Machine using rsync
+Data can be transferred via a dedicated VM, which can be requested via [ServiceNow](https://service.uni.lu/sp?id=sc_cat_item&table=sc_cat_item&sys_id=49956812db3fa010ca53454039961978). 
+Instead of transferring data between Atlas and UL HPC Clusters through the laptop as described above, the transfer will go through the dedicated VM. Once connected to the VM and mounted to Atlas, the ```rsync``` command can be used in the same way as described in the [UL HPC documentation](https://hpc-docs.uni.lu/data/transfer/#data-transfer-tofromwithin-ul-hpc-clusters). This method is recommended for **recurring transfers of very large datasets** that benefit from high-speed network connection between the VM and the HPC.
+**Note**: For larger transfers between Atlas and UL HPC Clusters, you may want to run the operations in background using `screen` or `tmux`. These prevent interruption of data transfer in cases when your `ssh` connection gets interrupted.
+## 3. Via Large File Transfer (LFT)
+An alternative solution is to use LFT for transferring data between Atlas and UL HPC Clusters. This method can reliably transfer large data volumes (typically several terabytes). However, LFT can only be used if the data is already on LFT (e.g., received from external collaborators). In this case, you can make a copy of the data and directly download it to the UL HPC Clusters for computational analysis. Note that a **master copy of the data must still be manually uploaded to Atlas** for internal archival.
+Please refer to the [dedicated How-to Card on LFT]({{'/?exchange-channels:lft' | relative_url }}) for detailed information.
+**Note**: In cases when the analysis data are not already received via LFT, we strongly recommend to use one of the other (simpler) methods instead.
--- a/external/exchange-channels/atlas-hpc/img/data-transfer-flow.png
+++ b/external/exchange-channels/atlas-hpc/img/data-transfer-flow.png
--- a/external/exchange-channels/cryptomator/cryptomator.md
+++ b/external/exchange-channels/cryptomator/cryptomator.md
@@ -17,22 +17,27 @@ Cryptomator is a cloud cryptor - a tool allowing to work on and to share encrypt
 Cryptomator protects your data by ingesting it in a so-called vault, which is mounted to a virtual drive and password protected. To access and view the data, you must unlock the vault with the created password. The data is stored on the cloud of your choice when creating the vault, but is encrypted automatically by the Cryptomator client. It is only from the virtual drive which act as a USB flash drive that you can access and view the data, as it shows the decrypted view of its content. Ingesting your files directly into the virtual drive permits Cryptomator to automatically encrypt the data with AES and 256-bit key length. 
-Please follow the below sections to: download Cryptomator locally on your computer, enable Cryptomator on your preffered cloud, or manage vaults as an administrator. Please visit Cryptomator’s official website for the full documentation on [vault management](https://docs.cryptomator.org/en/latest/). 
+This How-to Card provides a guide on the below topics. For the full documentation on using Cryptomator, please visit the [official website](https://docs.cryptomator.org/en/latest/). 
+- [Download Cryptomator Desktop](#downloading-cryptomator-desktop)
+- [Setting up Cryptomator Hub](#setting-up-cryptomator-hub)
+- [Vault management](#vault-management) 
+- [Collaborating on a shared vault as a user](#collaborating-on-a-shared-vault-as-a-user)
 `Note:` Cryptomator does not offer cloud storage but adds an extra protection to your data stored on the cloud by automatically encrypting the files in the vault. 
-## Downloading Cryptomator Desktop
+## Downloading Cryptomator Desktop 
 The desktop version of Cryptomator is available both for macOS, Windows, and Linux. Please follow the [guide](https://docs.cryptomator.org/en/latest/desktop/setup/) on Cryptomator's official website to install the application on your operating system. 
 <img src="img/cryptomator-main.png" height="400px"><br>
-## Setting up key management system with Cryptomator Hub
+## Cryptomator Hub
- Cryptomator Hub adds key and access management to your vaults from a central component deployed on your infrastructure, permitting collaborative work. As an admin, you can share your vaults with other people, who can access the vault by authenticating with Keycloak. There is thus no need for creating new accounts nor sharing encryption passwords with collaborators which are easily stolen, copied, or misused, and no data is shared on any online services. 
+ Cryptomator Hub adds key and access management to your vaults from a central component deployed on your infrastructure, permitting collaborative work. As an owner/administrator of a vault, you can share your vaults with other people, who can access the vault by authenticating with Keycloak. There is thus no need for creating new accounts nor sharing encryption passwords with collaborators which are easily stolen, copied, or misused, and no data is shared on any online services. 
 As a vault administrator it is important to manage the admin password properly. In case you lose or forget the admin password, a recovery key is needed to restore access to the vault. This recovery key is generated upon creating the vault (see guide below). In practical, it is the responsibility of the project manager and/or PI to manage and store the admin vault password securely. Please use passphrase and proper password management when creating the admin vault password. For further information, visit the How-to Card on [password management]( https://howto.lcsb.uni.lu/?access:passwords). 
-## Enabling Cryptomator using a cloud of your choice
+## Setting up Cryptomator Hub
-1. Go to the LCSB instance of Cryptomator Hub https://lcsb.cryptomator.cloud/.
+**Prerequisite:** A Cryptomator license is required to use Cryptomator Hub and can be requested via the [Service Portal](https://service.uni.lu/sp?id=sc_cat_item&sys_id=d3766892db3fa010ca534540399619a8&sysparm_category=735620d2db3fa010ca53454039961940). 
+1. Go to the LCSB instance of [Cryptomator Hub](https://lcsb.cryptomator.cloud/).
 2. Click on “LCSB Login”. 
    <img src="img/cryptomatorHub-login.png" height="400px"> <br>
@@ -41,7 +46,7 @@ As a vault administrator it is important to manage the admin password properly.
    <img src="img/uni-login.png" height="400px"> <br>
-4. When signed in successfully, you will be presented with the Hub's main page. To create a new vault, click the “Add” button on the top left corner and then "create new". 
+4. When signed in successfully, you will be presented with the Hub's main page. To create a new vault, click the “Add” button on the top right corner and then "create new". 
    <img src="img/hub-mainpage.png" height="350px"> <br>
@@ -49,20 +54,20 @@ As a vault administrator it is important to manage the admin password properly.
    <img src="img/creating-vault.png" height="350px"> <br>
-6. A recovery key is displayed on the page. Copy the recovery key and store it in a safe location (e.g. password management system). The recocery key is needed for restoring access to the vault data. Tick the checkbox and click “Create Vault”. 
+6. A recovery key is displayed on the page. Copy the recovery key and store it in a safe location (e.g. password management system like [Bitwarden](https://bitwarden.com/) or [Keepass](https://keepass.info/)). The recocery key is needed for restoring access to the vault data. Tick the checkbox and click “Create Vault”. 
    <img src="img/recovery-key.png" height="350px"> <br>
-7. The vault has now been successfully created from the Hub. Click “download zipped vault folder”. 
+7. The vault has now been successfully created from the Hub. You can now mount the vault to your desired cloud storage location by clicking “download zipped vault folder”. 
    <img src="img/download-vault-template.png" height="350px"> <br>
-8. Unzip the vault in your preferred cloud storage location (e.g., ownCloud or OneDrive). 
+8. Unzip the vault in the cloud storage location (e.g. ownCloud or OneDrive). 
    <img src="img/ownCloud-folder.png" height="300px"> <br>
-## Managing a vault as an administrator
+## Vault management
-The following steps can only be performed by the vault administrator. 
+The following steps shows how to share a vault with other people and can only be performed by the vault administrator.
 1. From the Hub's main page, click on the vault you wish to share and then "Manage vault". 
@@ -76,12 +81,10 @@ The following steps can only be performed by the vault administrator.
    <img src="img/add-member.png" height="450px"> <br> 
-4. The team member has to register their local device to the shared vault (see next section). Once the device of the user has been registered to the vault, the admin can grant access by clicking on “update permission”. 
+4. Before the user can access your vault, the user has to register the vault to the user's local device (see section "Collaborating on a shared vault as a user). Only then can the vault administrator grant permission by clicking on “update permission”. 
    <img src="img/grant-access.png" height="150px"> <br>
-5. Once access is granted, the team member can unlock the vault locally. 
 ## Collaborating on a shared vault as a user
 1. Open the desktop application. Click the “add’ button and then “Existing vault”. 
@@ -101,15 +104,15 @@ The following steps can only be performed by the vault administrator.
 5. Cryptomator will automatically redirect you to the login page. Please authenticate yourself with Keycloak.
-6. If it is the first time you connect your device to the shared vault, you have to register the device. In this case, you will be prompt to enter a device name and then click "Confirm. The admin can now grant access to the device. 
+6. If it is the first time you connect your device to the shared vault, you have to register the device. In this case, you will be prompt to enter a device name and then click "Confirm". The admin can now grant access to the device. 
   <img src="img/register-device.png" height="200px"> <br> 
-7. Once the admin grants access the vault is unlocked. Click “Reveal drive” to access the vault on the virtual drive. 
+7. Once the admin grants access, click “Reveal drive” to access the vault on the virtual drive. 
   <img src="img/unlock-vault.png" height="400px"> <br> 
-8. All data can now be ingested in the vault on the virtual drive.
+8. You can now view decrypted data and save files in the vault on the virtual drive.
    <img src="img/vault-data.png" height="400px"> <br> 

--- a/external/integrity/encryption/file/encryption_file.md
+++ b/external/integrity/encryption/file/encryption_file.md
@@ -11,7 +11,7 @@ redirect_from:
 # Encrypting Files and Folders
 Encryption is an effective measure to protect sensitive data. This How-to card provides instructions for file and folder encryption on platforms commonly used by LCSB staff.
-**IMPORTANT NOTICE:** One important requirement of using Encryption is that you must  manage your Encryption Passwords/Keys. Failing to do so will mean **loosing your data indefinitely**. In this [link]({{ '/?access:passwords' | relative_url }}) we list  tools that can be used for password management. **Please make sure you have arrangements for password management before starting the encryption of data**.
+**IMPORTANT NOTICE:** One important requirement of using Encryption is that you must  manage your Encryption Passwords/Keys. Failing to do so will mean **losing your data indefinitely**. The [Managing your passwords card]({{ '/?access:passwords' | relative_url }}) lists the tools that can be used for password management. **Please make sure you have arrangements for password management before starting the encryption of data**.
 ## macOS
 The built-in mechanism for file-level encryption on a Mac is  Encrypted Disk Images (*.dmg* files). In order to create a disk image:
@@ -83,20 +83,15 @@ In order to use turn on EFS for a folder:
 ## Cloud Platforms
-As per LCSB Policy, you should not store sensitive human data on commercial cloud services (e.g. Google Drive, Dropbox). However, there may be situations where commercial clouds are used:
+As per LCSB Policy, you should NOT store sensitive human data on commercial cloud services (e.g. Google Drive, Dropbox). However, there may be situations where commercial clouds are used:
- There is a project/consortium level agreement to use external cloud storage,
+- There is a project/consortium level agreement to use external cloud storage.
- You're working with sensitive data, and need to temporarily co-access it with research collaborators,
+- You're working with sensitive data, and need to temporarily co-access it with research collaborators.
 - You're working with non-sensitive data and using the cloud as a backup target.
 In such cases, you may use the following desktop tools to encrypt cloud folders.
- [boxcryptor](https://www.boxcryptor.com/en/) (Paid). If you're holding sensitive LCSB research data  on commercial cloud (case 2 above), you must use Boxcryptor. Contact the LCSB IT  team to request a license.
+- [Cryptomator](https://cryptomator.org/). If you're holding sensitive LCSB research data on commercial cloud (case 2 above), you must use Cryptomator. Request a license via ServiceNow and visit the dedicated [How-to card on Cryptomator]({{ '?exchange-channels:cryptomator' | relative_url }}) for further information.
-    - [Installation/Mac](http://bit.ly/BXC-MAC_INSTALLATION)
-    - [Installation/Windows](http://bit.ly/BXC-WINDOWS_INSTALLATION)
-    - [Sharing Folders](http://bit.ly/BXC-FILE_SHARING)
-    - [Encrypt Folder](http://bit.ly/BXC-FILE_ENCRYPTION)
-    - [Decrypt Folder](http://bit.ly/BXC-FILE_DECRYPTION)
 - [Cyberduck](https://cyberduck.io/cryptomator/) (Free).
@@ -105,4 +100,4 @@ In such cases, you may use the following desktop tools to encrypt cloud folders.
 The Uni-LU HPC Team is planning to install [EncFS](https://en.wikipedia.org/wiki/EncFS) on the HPC clusters. EncFS allows for the creation of an encrypted volume (similar to a folder). EncFS provides transparent encryption, once you mount the encrypted volume, anything that goes into the volume will automatically be encrypted. Also, whenever you try to view or process a file in a mounted EncFS volume, it will be decrypted for you (behind the scenes) automatically.
-We will provide instructions for EncFS once it becomes available .
+The instructions for EncFS will be provided once it becomes available.
--- a/external/integrity/transfer/owncloud-privatebin/img/7zpassword.png
+++ b/external/integrity/transfer/owncloud-privatebin/img/7zpassword.png
--- a/external/integrity/transfer/owncloud-privatebin/img/encryptionpassword.png
+++ b/external/integrity/transfer/owncloud-privatebin/img/encryptionpassword.png
--- a/external/integrity/transfer/owncloud-privatebin/img/keka-encryption.png
+++ b/external/integrity/transfer/owncloud-privatebin/img/keka-encryption.png
--- a/external/integrity/transfer/owncloud-privatebin/img/owncloudshare.png
+++ b/external/integrity/transfer/owncloud-privatebin/img/owncloudshare.png
--- a/external/integrity/transfer/owncloud-privatebin/img/passwordLink.png
+++ b/external/integrity/transfer/owncloud-privatebin/img/passwordLink.png
--- a/external/integrity/transfer/owncloud-privatebin/owncloud-privatebin.md
+++ b/external/integrity/transfer/owncloud-privatebin/owncloud-privatebin.md
+---
+layout: page
+permalink: /external/integrity/transfer/owncloud-privatebin/
+shortcut: integrity:transfer:owncloud-privatebin
+redirect_from:
+  - /cards/integrity/transfer:owncloud-privatebin
+  - /external/integrity/transfer:owncloud-privatebin
+  - /integrity/transfer/owncloud-privatebin
+  - /external/external/integrity/transfer/owncloud-privatebin/
+---
+# Transfer of Human Data with OwnCloud
+This How-to Card provides a step-by-step guide on how to transfer Human Data via LCSB Owncloud securely. Please note that this How-to Card is intended for the use case where data is < 4 GB and categorized as [sensitive]({{ '/?qms:LCSB-POL-BIC-01' | relative_url }}), in which encryption must be in place as well as secure exchange of encryption password with PrivateBin. If you wish to share Human Data **recurrently** with e.g. external collaborators, we recommend using Owncloud with Cryptomator for encryption of data on the cloud. For further information, please visit the dedicated card on [Cryptomator]({{ '/?exchange-channels:cryptomator' | relative_url}}).   
+**Prerequisite:** LUMS account is needed and can be requested via the [Service Portal](https://service.uni.lu/sp?id=sc_cat_item&table=sc_cat_item&sys_id=c536257ddb336010ca53454039961936).
+1. Use a zip software that supports AES256 encryption to zip your file(s) with a strong password. 
+* For Windows computer you can use [7-zip](https://www.7-zip.org/download.html), which uses AES256 encryption by default. 
+* For Mac you can use [Keka](https://www.keka.io/en/). To enable AES256 encryption, please go to `settings > Compression` and tick the **Use AES-256 encryption** checkbox like displayed below. <br>
+<img src='img/keka-encryption.png' height='350px'> <br>
+2. Use a password generator to generate a strong encryption password. 
+* Use an online password generator like [dice ware](https://diceware.dmuth.org/), or a password manager like [BitWarden](https://bitwarden.com/) or [KeePass](https://keepass.info/) to generate a strong password.
+3. Go to [LCSB PrivateBin](https://privatebin.lcsb.uni.lu/) and type/add the password in the Editor tab.   
+4. Enable the feature "Burn after reading" by ticking the checkbox. This means that the link to the password can only be used **once** so it expires upon first access. 
+<img src="img/encryptionpassword.png">
+* You will be promted to enter your LUMS credentials once you click on "Send".
+* You should be redirected to a page containing the password link. 
+<img src="img/passwordLink.png">
+5. Share the password link with your collaborator via your preferred communication channel.
+6. The collaborator (recipient) **must** confirm that the password was successfully received before proceeding with the following steps. If collaborator reports an error, it indicates the password was compromised and data transfer is not secured anymore. In this case the zipped archive should be deleted and the process should started again. This is a crucial step in the data transfer!
+7. Login to [OwnCloud](https://owncloud.lcsb.uni.lu/) with LUMS account.
+* Upload the zipped archive to OwnCloud and make a share link with the collaborator. 
+* See a full guide on how to use [OwnCloud]({{ '/?exchange-channels:owncloud' | relative_url }}).
+<img src="img/owncloudshare.png">
+8. Share the access link with your collaborator by typing in their email as shown on the image above. 
+* The collaborator will automatically receive a link to the encrypted data on OwnCloud by email.  
+9. The collaborator can now decrypt the data with the password received via Privatebin. 
--- a/external/lab-equipment/utilization-of-autoclaves/utilization-of-autoclaves.md
+++ b/external/lab-equipment/utilization-of-autoclaves/utilization-of-autoclaves.md
 ---
 layout: page
-permalink: /external/lab-equipment/utilization-of-autoclaves/
+permalink: /external/lab-equipment/autoclaves/
-shortcut: lab:utilization-of-autoclaves
+shortcut: lab:autoclaves
 redirect_from:
  - /cards/lab-equipment:utilization-of-autoclaves
  - /external/cards/lab-equipment:utilization-of-autoclaves
@@ -9,9 +9,16 @@ redirect_from:
  - /external/external/lab-equipment/utilization-of-autoclaves/
  - /cards/lab:utilization-of-autoclaves
  - /external/cards/lab:utilization-of-autoclaves
+  - /external/lab-equipment/utilization-of-autoclaves/
+  - /cards/lab-equipment:autoclaves
+  - /external/cards/lab-equipmentautoclaves
+  - /lab/autoclaves
+  - /external/external/lab-equipment/autoclaves/
+  - /cards/lab:autoclaves
+  - /external/cards/lab:autoclaves
 ---
-# Utilization of autoclaves
+# Autoclaves: utilization
 Autoclaves are used to perform sterilization of liquids and instruments and decontamination of liquids, solid and waste that are contaminated with biohazard materials. For more general information about autoclaving systems, feel free to watch [this video](https://www.youtube.com/watch?v=Yfc1yjEuuhE) published by the World Health Organization (WHO).

--- a/external/lab-equipment/utilization-of-autoclaves/img/img1.png
+++ b/external/lab-equipment/utilization-of-autoclaves/img/img1.png
--- a/external/lab-equipment/utilization-of-autoclaves/img/img10.png
+++ b/external/lab-equipment/utilization-of-autoclaves/img/img10.png
--- a/external/lab-equipment/utilization-of-autoclaves/img/img11.png
+++ b/external/lab-equipment/utilization-of-autoclaves/img/img11.png
--- a/external/lab-equipment/utilization-of-autoclaves/img/img12.png
+++ b/external/lab-equipment/utilization-of-autoclaves/img/img12.png
--- a/external/lab-equipment/utilization-of-autoclaves/img/img13.png
+++ b/external/lab-equipment/utilization-of-autoclaves/img/img13.png
No results found