generator @ 53a922a1

-Subproject commit d73c076d4d529517a1457fc4a7a09d8906b6a13c
+Subproject commit 53a922a13c4e8916c97599b5242493a47ea0a2e2

.gitlab-ci.yml

@@ -176,7 +176,7 @@ deploy:vm:
     - echo "$KNOWNHOSTS" > ~/.ssh/known_hosts
     - chmod 644 ~/.ssh/known_hosts
   rules:
-    - if: '$CI_PIPELINE_SOURCE != "merge_request_event" && $CI_COMMIT_REF_NAME == "develop" && $CI_PROJECT_PATH == "R3/howto-cards"'
+    #- if: '$CI_PIPELINE_SOURCE != "merge_request_event" && $CI_COMMIT_REF_NAME == "develop" && $CI_PROJECT_PATH == "R3/howto-cards"'
     - if: '$CI_PIPELINE_SOURCE != "merge_request_event" && $CI_COMMIT_REF_NAME == "master" && $CI_PROJECT_PATH == "R3/howto-cards"'
   script:
     - ssh -p $SSHPORT $SSHCONNECT "mkdir -p ~/$CI_COMMIT_REF_NAME/sources/public/$CI_JOB_ID ~/$CI_COMMIT_REF_NAME/public"

cards.md

@@ -57,6 +57,7 @@ order: -1
 			<li><a href="{{ 'external/contribute/markdown' | relative_url }}">Markdown</a></li>
 			<li><a href="{{ 'external/contribute/mirror-fork' | relative_url }}">Mirror fork automatically</a></li>
 			<li><a href="{{ 'external/contribute/review' | relative_url }}">Reviewing in Git</a></li>
+			<li><a href="{{ 'external/contribute/ssh-key-generation' | relative_url }}">Key-based Authentication on GitLab</a></li>
 			<li><a href="{{ 'external/contribute/supersede' | relative_url }}">Take over a stale merge request</a></li>
 			<li><a href="{{ 'external/contribute/vscode' | relative_url }}">Contribute using Visual Studio Code</a></li>
 			<li><a href="{{ 'external/contribute/web-ide' | relative_url }}">Contribute using Gitlab Web IDE</a></li>
@@ -66,10 +67,13 @@ order: -1
 	<div class="index-box noborderbox" id="exchange-channels-card">
 		<h3>Exchange channels</h3>
 		<ul>
-			<li><a href="{{ 'external/exchange-channels/lft' | relative_url }}">LCSB file transfer (LFT) Quick Guide</a></li>
-			<li><a href="{{ 'external/exchange-channels/calendar' | relative_url }}">Sharing calendar in Microsoft Exchange</a></li>
 			<li><a href="{{ 'external/exchange-channels/asperaweb' | relative_url }}">AsperaWEB Quick Guide</a></li>
+			<li><a href="{{ 'external/exchange-channels/atlas-hpc' | relative_url }}">Data transfer between Atlas and UL HPC Clusters</a></li>
+			<li><a href="{{ 'external/exchange-channels/calendar' | relative_url }}">Sharing calendar in Microsoft Exchange</a></li>
+			<li><a href="{{ 'external/exchange-channels/cryptomator' | relative_url }}">Cryptomator</a></li>
+			<li><a href="{{ 'external/exchange-channels/lft' | relative_url }}">LCSB file transfer (LFT) Quick Guide</a></li>
 			<li><a href="{{ 'external/exchange-channels/owncloud' | relative_url }}">Owncloud</a></li>
+
 		</ul>
 	</div>
 	<div class="index-box noborderbox" id="general-card">
@@ -89,52 +93,66 @@ order: -1
 		<ul>
 			<li><a href="{{ 'external/integrity/checksum' | relative_url }}">Ensuring Integrity of Data Files with Checksums</a></li>
 			<li><a href="{{ 'external/integrity/dmp' | relative_url }}">Data Management Plan</a></li>
-			<li><a href="{{ 'external/integrity/encryption/cloud' | relative_url }}">Data upload to cloud</a></li>
 			<li><a href="{{ 'external/integrity/encryption/disk' | relative_url }}">Encrypting the Startup Disk for Your Laptop/Desktop</a></li>
 			<li><a href="{{ 'external/integrity/encryption/file' | relative_url }}">Encrypting Files and Folders</a></li>
 			<li><a href="{{ 'external/integrity/naming' | relative_url }}">Naming files</a></li>
 			<li><a href="{{ 'external/integrity/organization' | relative_url }}">Organization</a></li>
 			<li><a href="{{ 'external/integrity/sanitisation' | relative_url }}">Sanitising Data Files</a></li>
 			<li><a href="{{ 'external/integrity/spreadsheets' | relative_url }}">Working with spreadsheets</a></li>
+			<li><a href="{{ 'external/integrity/transfer/owncloud-privatebin' | relative_url }}">Transfer of Human Data with OwnCloud</a></li>
 
 		</ul>
 	</div>
 	<div class="index-box noborderbox" id="lab-equipment-card">
 		<h3>Lab: Equipment</h3>
 		<ul>
-			<li><a href="{{ 'external/lab-equipment/cryostorage' | relative_url }}">Utilization of the cryostorage</a></li>
-			<li><a href="{{ 'external/lab-equipment/dishwasher-utilization-and-maintenance' | relative_url }}">Dishwasher utilization and maintenance</a></li>
-			<li><a href="{{ 'external/lab-equipment/hoods' | relative_url }}">Laminar Flow - Fume Hood - Biosafety Cabinet: what are the differences and when to use them?</a></li>
-			<li><a href="{{ 'external/lab-equipment/lightcycler' | relative_url }}">How to leave virtual instrument mode on the LightCycler</a></li>
-			<li><a href="{{ 'external/lab-equipment/maintenance-of-fridges' | relative_url }}">Maintenance of fridges and freezers</a></li>
-			<li><a href="{{ 'external/lab-equipment/maintenance_of_cold_traps' | relative_url }}">Maintenance of cold traps  </a></li>
-			<li><a href="{{ 'external/lab-equipment/utilization-of-autoclaves' | relative_url }}">Utilization of autoclaves</a></li>
-			<li><a href="{{ 'external/lab-equipment/utilization-of-balances' | relative_url }}">Utilization of balances</a></li>
-			<li><a href="{{ 'external/lab-equipment/utilization-of-bsc' | relative_url }}">Biosafety Cabinets: good practices</a></li>
-			<li><a href="{{ 'external/lab-equipment/utilization-of-pH-meter' | relative_url }}">Utilization of pH meter</a></li>
+			<li><a href="{{ 'external/lab-equipment/autoclaves' | relative_url }}">Autoclaves: utilization</a></li>
+			<li><a href="{{ 'external/lab-equipment/balances' | relative_url }}">Balances: utilization and maintenance</a></li>
+			<li><a href="{{ 'external/lab-equipment/biosafety-cabinets' | relative_url }}">Biosafety Cabinets: good practices</a></li>
+			<li><a href="{{ 'external/lab-equipment/cold-traps' | relative_url }}">Cold traps: maintenance</a></li>
+			<li><a href="{{ 'external/lab-equipment/cryostorage' | relative_url }}">Cryostorage: utilization</a></li>
+			<li><a href="{{ 'external/lab-equipment/dishwasher-utilization-and-maintenance' | relative_url }}">Dishwasher: utilization and maintenance</a></li>
+			<li><a href="{{ 'external/lab-equipment/electric-car' | relative_url }}">Electric Car</a></li>
+			<li><a href="{{ 'external/lab-equipment/freezers' | relative_url }}">-20°C Freezers: maintenance</a></li>
+			<li><a href="{{ 'external/lab-equipment/freezers-80' | relative_url }}">-80°C freezers: maintenance</a></li>
+			<li><a href="{{ 'external/lab-equipment/freezers-150' | relative_url }}">-150°C freezers: maintenance</a></li>
+			<li><a href="{{ 'external/lab-equipment/fridges' | relative_url }}">Fridges: maintenance</a></li>
+			<li><a href="{{ 'external/lab-equipment/hoods' | relative_url }}">Hoods: Laminar Flow - Fume Hood - Biosafety Cabinet</a></li>
+			<li><a href="{{ 'external/lab-equipment/incubators' | relative_url }}">Incubators: maintenance</a></li>
+			<li><a href="{{ 'external/lab-equipment/lightcycler' | relative_url }}">LightCycler: leave the virtual instrument mode</a></li>
+			<li><a href="{{ 'external/lab-equipment/pH-meter' | relative_url }}">pH meter: utilization and maintenance</a></li>
+			<li><a href="{{ 'external/lab-equipment/power-consumption' | relative_url }}">Power consumption of the equipment</a></li>
+
+		</ul>
+	</div>
+	<div class="index-box noborderbox" id="lab-good-practice-card">
+		<h3>Lab: Good Practice</h3>
+		<ul>
+			<li><a href="{{ 'external/lab-good-practice/mycoplasma' | relative_url }}">Mycoplasma contamination check</a></li>
 
 		</ul>
 	</div>
 	<div class="index-box noborderbox" id="lab-hsa-card">
 		<h3>Lab: Health & Safety, Access</h3>
 		<ul>
-			<li><a href="{{ 'external/lab-hsa/diphoterine' | relative_url }}">Usage of Diphoterine</a></li>
+			<li><a href="{{ 'external/lab-hsa/diphoterine' | relative_url }}">Diphoterine: utilization</a></li>
 			<li><a href="{{ 'external/lab-hsa/handwashing' | relative_url }}">Handwashing</a></li>
 			<li><a href="{{ 'external/lab-hsa/lab-coats' | relative_url }}">Lab coats</a></li>
 			<li><a href="{{ 'external/lab-hsa/personal-alert-safety-system' | relative_url }}">Personal alert safety system (PASS)</a></li>
 			<li><a href="{{ 'external/lab-hsa/pictograms' | relative_url }}">Pictograms</a></li>
+			<li><a href="{{ 'external/lab-hsa/ppe' | relative_url }}">Personal Protective Equipment (PPE)</a></li>
 			<li><a href="{{ 'external/lab-hsa/shipment' | relative_url }}">Shipment of biological or chemical samples with carrier</a></li>
 			<li><a href="{{ 'external/lab-hsa/spill' | relative_url }}">Spill in a laboratory</a></li>
-			<li><a href="{{ 'external/lab-hsa/spill-bsc' | relative_url }}">How to deal with a spill in a BSC</a></li>
-			<li><a href="{{ 'external/lab-hsa/waste' | relative_url }}">Chemical and Biological Waste Management</a></li>
+			<li><a href="{{ 'external/lab-hsa/spill-bsc' | relative_url }}">Spill in a Biosafety Cabinet</a></li>
+			<li><a href="{{ 'external/lab-hsa/waste' | relative_url }}">Waste Management: Chemical and Biological waste</a></li>
 
 		</ul>
 	</div>
 	<div class="index-box noborderbox" id="lab-quarks-card">
 		<h3>Lab: Quarks</h3>
 		<ul>
-			<li><a href="{{ 'external/lab-quarks/book-lab-equipment' | relative_url }}">How to book a Lab Equipment in Quarks</a></li>
-			<li><a href="{{ 'external/lab-quarks/quarks-general' | relative_url }}">Quarks - General information</a></li>
+			<li><a href="{{ 'external/lab-quarks/book-lab-equipment' | relative_url }}">Booking of a Lab Equipment</a></li>
+			<li><a href="{{ 'external/lab-quarks/general' | relative_url }}">General information on Quarks</a></li>
 
 		</ul>
 	</div>

external/contribute/markdown/markdown.md

@@ -10,7 +10,7 @@ redirect_from:
 ---
 # Markdown
 
-Markdown is a lightweight markup language with plain text formatting syntax which became very popular in past decade and which nowadays serves as a standard in various digital communication channels.
+[Markdown](https://daringfireball.net/projects/markdown/) is a lightweight markup language with plain text formatting syntax which became very popular in past decade and which nowadays serves as a standard in various digital communication channels.
 
 ## Main features of Markdown
 
@@ -22,15 +22,16 @@ Markdown is a lightweight markup language with plain text formatting syntax whic
 * It is portable - since it is actually plain text, it can be opened by literally all text editors.
 * It is machine readable - as simple text, markdown documents can be tracked and version using a versioning system (Git, SVN)
 * It has small file size.
-* It is easy to convert to other formats - existing editors and command line tools (e.g. [pandoc](https://pandoc.org/) allows for easy conversion between Markdown and other widely used formats like HTML, PDF, docx, LaTeX, etc.
+* It is easy to convert to other formats - existing editors and command line tools (e.g. [Pandoc](https://pandoc.org/) allows for easy conversion between Markdown and other widely used formats like HTML, PDF, docx, LaTeX, etc.
 
 ## Quick reference
 
 * The following symbol <img src="img/visual-code_img_9.png" height="20"> behind the file name means that your changes/writing is not saved. Press CTRL+S to save your procedure
 * To preview your writing click on:
+
   <img src="img/visual-code_img_10.png">
 
-## Tips to write in markdown:
+## Tips to write in Markdown:
 
 | Markdown                           | Rendered Output           |
 |:-----------------------------------|---------------------------|
@@ -61,7 +62,7 @@ Markdown is a lightweight markup language with plain text formatting syntax whic
 |:-----------------------------------|---------------------------|
 |: Include links referring to a web `[page](https://www.markdownguide.org/)`. Avoid links in format `<link>` as it is not always parsed correctly. | Include links referring to a web [page](https://www.markdownguide.org/). Avoid links in format <link> as it is not always parsed correctly (like in this case).
 |:-----------------------------------|---------------------------|
-|: Include local pictures using markdown |
+|: Include local pictures using Markdown |
 |: ^^<pre>![My awesome picture](img/r3_logo.png)</pre> | ^^ ![My awesome picture](img/r3_logo.png)
 |: Or use HTML tag allowing you to alter the image properties (e.g. size) |
 |: ^^<pre>&lt; img src="img/r3_logo.png" width="40" &gt;</pre> | ^^<img src="img/r3_logo.png" width="40">
@@ -83,10 +84,10 @@ Plain syntax is usually enough. But special requirements lead to development of
 
 Another big advantage of Markdown is that it can contain HTML tags, which makes formatting very flexible.
 
-## When to use markdown?
+## When to use Markdown?
 
 * **Documentation** - Markdown is a perfect solution for description of a data package, project folder, workflow or code repository. Using Markdown ensures that the description will be accessible to everyone even after decades while still nicely structured. Guide for writing a good README is not covered by this HowTo page but you can find plenty of resources online, e.g.:
-  * [guide](https://data.research.cornell.edu/content/readme) from Cornell University, UK
+  * [Guide](https://data.research.cornell.edu/content/readme) from Cornell University, UK
   * [GitHub page](https://github.com/mhucka/readmine) for READMEs in a software repository
 * **Blogging and tutorials** - structured document with chunks of code, pictures and results of the analyses can be easily converted to HTML format and posted on personal/team websites.
 * **Notes and meeting minutes** - you can use following template for simple and nicely structured meeting notes:

external/contribute/mirror-fork/mirror-fork.md

@@ -17,7 +17,7 @@ you should follow the follow simple steps.
 2. Expand the section on `Mirroring repositories`
 3. In the field `Git repository URL`, enter the SSH clone address from the main repository. 
 
- <img src="img/img1.png">
+    <img src="img/img1.png">
 
 4. Select `Mirror Direction` as `Pull`
 5. Click on `Detect Host Keys`
@@ -30,9 +30,10 @@ You will see an entry in the table below the blue button. Often, there is an err
 
     <img src="img/copy-ssh-key.png" height="80">
 
-2. Then, browse to your profile picture (top right) and click on `Preferences`
-3. On the left of the page, click on `SSH keys`
-4. Paste the key (using CTRL+V or CMD+V) into the SSH field
-5. Click on `Add key`
+2. Then, browse to your profile picture (top left corner) and click on `Preferences`
+3. On the left of the page, click on `SSH Keys`
+4. Click on the 'Add new key' button on the SSH keys table
+5. Paste the key (using CTRL+V on Windows or CMD+V on macOS) into the SSH key field
+6. Click on `Add key`
 
 Now, the synchronization of the fork should perform successfully. You can click on the sync button or wait a few minutes. :white_check_mark:

external/contribute/ssh-key-generation/ssh-key-generation.md

+---
+layout: page
+permalink: /external/contribute/ssh-key-generation/
+shortcut: contribute:ssh-key-generation
+redirect_from:
+  - /cards/contribute:ssh-key-generation
+  - /external/cards/contribute:ssh-key-generation
+  - /contribute/ssh-key-generation
+  - /external/external/contribute/ssh-key-generation/
+---
+
+# Key-based Authentication on GitLab
+
+Key-based authentication allows GitLab users to identify their device once on their account and avoid having to log in via their credentials every time. GitLab uses SSH protocol to communicate with Git.
+
+SSH uses a public and a private key:
+- The public key must be registered in GitLab, where it "identifies" your device.
+- The private key must stay secret and preferably you should only keep it on a single device. The private key is the only key that can be used to authenticate your identity against the public key uploaded to GitLab -- if it becomes public, anyone can impersonate your identity and thus use your GitLab account. **Make sure you do NOT upload the private key anywhere by accident, not even to GitLab.**
+
+# Prerequisites
+
+To use SSH, one of the following must be installed on your device:
+
+- The OpenSSH client, which comes pre-installed on GNU/Linux, macOS, and [Windows 10 via Powershell or WSL](https://docs.gitlab.com/ee/user/ssh.html#use-ssh-on-microsoft-windows).
+- SSH version 6.5 or later. Earlier versions used an MD5 signature, which is not secure.
+
+To view the version of SSH installed on your system, run the following command in your terminal (on Linux or macOS) or Git Bash (on Windows):
+
+```
+ssh -V
+```
+
+# Key Generation
+
+> :warning: Please note that the steps below describe SSH key generation. If you already have one, **your existing key may be overwritten.**
+
+1. Start a terminal
+
+2. Type the following command at the command prompt and run it after replacing your firstname and lastname:
+  ```
+  ssh-keygen -t ed25519 -C firstname.lastname@uni.lu
+  ```
+3. Accept the suggested filename and directory
+
+4. Press `Enter` to continue. Defining a password is not necessary and can be skipped. 
+
+5. To copy the contents of your public key file into the clipboard, run the following command:
+
+    - For macOS:
+    ```
+    tr -d '\n' < ~/.ssh/id_ed25519.pub | pbcopy
+    ```
+    - For Windows:
+    ```
+    cat ~/.ssh/id_ed25519.pub | clip
+    ```
+
+# Saving the SSH Key on GitLab
+
+Once the content of the public key is copied in the clipboard, you need to register it with your GitLab account.
+
+To save your key to your account:
+
+1. Log in to GitLab using your LUMS account
+
+2. Navigate to the `Preferences` menu
+
+    ![preferences](img/preferences.png)
+3. User settings will be displayed on the left-hand side menu. Click on the `SSH Keys` option
+
+    ![ssh-menu](img/ssh-menu.png)
+
+4. On the `SSH Keys` page, click on `Add new key` button to add your public key
+
+    ![new-key](img/new-key.png)
+
+5. Paste your new key into the `Key` box, name the key and save it by clicking the `Add key` button
+
+    ![key-details](img/key-details.png)
+
+# Troubleshooting
+
+Please refer to the [GitLab Docs](https://docs.gitlab.com/ee/user/ssh.html#troubleshooting) or [create a ticket](https://service.uni.lu/sp?id=sc_cat_item&table=sc_cat_item&sys_id=c1d98bacdb9cf810ca53454039961917) for further assistance regarding the key-based authentication.

external/exchange-channels/atlas-hpc/atlas-hpc.md

+---
+layout: page
+permalink: /external/exchange-channels/atlas-hpc/
+shortcut: exchange-channels:atlas-hpc
+redirect_from:
+  - /cards/exchange-channels:atlas-hpc
+  - /external/exchange-channels:atlas-hpc
+  - /integrity/exchange-channels/atlas-hpc
+  - /external/external/exchange-channels/atlas-hpc/
+  - /cards/integrity/transfer:atlas-hpc
+  - /external/integrity/transfer:atlas-hpc
+  - /integrity/transfer/atlas-hpc
+  - /external/external/integrity/transfer/atlas-hpc/
+---
+
+# Data transfer between Atlas and UL HPC Clusters
+A recommended storage pattern is to have the master copy of data on Atlas (project folder) and only store data on the UL HPC Clusters temporarily for the required practical duration of computational analysis. The derived data and results should hereafter be transferred back to Atlas. This How-to Card describes the different methods to transfer data between Atlas and the UL HPC Clusters. The three recommended methods to transfer data are:
+
+1. [Via laptop with ```scp``` or ```rsync```](#1-via-laptop-using-scp-or-rsync)
+2. [Via dedicated Virtual Machine (VM)](#2-via-dedicated-virtual-machine-using-rsync)
+3. [Via Large File Transfer (LFT)](#3-via-large-file-transfer-lft) 
+
+Please refer to the dedicated knowledge bases to see how to [connect to UL HPC Clusters](https://hpc-docs.uni.lu/connect/access/) and to [mount Atlas](https://service.uni.lu/sp?id=kb_article_view&sysparm_article=KB0010233). 
+
+<img src="img/data-transfer-flow.png">
+
+## 1. Via laptop using `scp` or `rsync`
+When using the UL laptop to transfer data between UL HPC Clusters and Atlas, you must [mount Atlas via smb on laptop](https://service.uni.lu/sp?id=kb_article_view&sysparm_article=KB0010233) before using `scp` and `rsync` for the transfer. While both commands ensure a secure transfer of data between the UL HPC Clusters and Atlas, `rsync` may be much faster for handling large amounts of small files (which are transferred very quickly in batches), and for selective incremental updates of large datasets (it is capable to automatically transferring only the changed files, thus saving time).
+* `scp`: transfers all files and directories.
+* `rsync`: transfers only the files which differ between the source and the destination.
+
+Please visit the [UL HPC documentation](https://hpc-docs.uni.lu/data/transfer/#data-transfer-tofromwithin-ul-hpc-clusters) to see how to use `rsync` and `scp`.
+
+## 2. Via dedicated Virtual Machine using rsync
+Data can be transferred via a dedicated VM, which can be requested via [ServiceNow](https://service.uni.lu/sp?id=sc_cat_item&table=sc_cat_item&sys_id=49956812db3fa010ca53454039961978). 
+Instead of transferring data between Atlas and UL HPC Clusters through the laptop as described above, the transfer will go through the dedicated VM. Once connected to the VM and mounted to Atlas, the ```rsync``` command can be used in the same way as described in the [UL HPC documentation](https://hpc-docs.uni.lu/data/transfer/#data-transfer-tofromwithin-ul-hpc-clusters). This method is recommended for **recurring transfers of very large datasets** that benefit from high-speed network connection between the VM and the HPC.
+
+
+**Note**: For larger transfers between Atlas and UL HPC Clusters, you may want to run the operations in background using `screen` or `tmux`. These prevent interruption of data transfer in cases when your `ssh` connection gets interrupted.
+
+## 3. Via Large File Transfer (LFT)
+An alternative solution is to use LFT for transferring data between Atlas and UL HPC Clusters. This method can reliably transfer large data volumes (typically several terabytes). However, LFT can only be used if the data is already on LFT (e.g., received from external collaborators). In this case, you can make a copy of the data and directly download it to the UL HPC Clusters for computational analysis. Note that a **master copy of the data must still be manually uploaded to Atlas** for internal archival.
+
+Please refer to the [dedicated How-to Card on LFT]({{'/?exchange-channels:lft' | relative_url }}) for detailed information.
+
+**Note**: In cases when the analysis data are not already received via LFT, we strongly recommend to use one of the other (simpler) methods instead.

external/exchange-channels/cryptomator/cryptomator.md

@@ -17,22 +17,27 @@ Cryptomator is a cloud cryptor - a tool allowing to work on and to share encrypt
 
 Cryptomator protects your data by ingesting it in a so-called vault, which is mounted to a virtual drive and password protected. To access and view the data, you must unlock the vault with the created password. The data is stored on the cloud of your choice when creating the vault, but is encrypted automatically by the Cryptomator client. It is only from the virtual drive which act as a USB flash drive that you can access and view the data, as it shows the decrypted view of its content. Ingesting your files directly into the virtual drive permits Cryptomator to automatically encrypt the data with AES and 256-bit key length. 
 
-Please follow the below sections to: download Cryptomator locally on your computer, enable Cryptomator on your preffered cloud, or manage vaults as an administrator. Please visit Cryptomator’s official website for the full documentation on [vault management](https://docs.cryptomator.org/en/latest/). 
+This How-to Card provides a guide on the below topics. For the full documentation on using Cryptomator, please visit the [official website](https://docs.cryptomator.org/en/latest/). 
+- [Download Cryptomator Desktop](#downloading-cryptomator-desktop)
+- [Setting up Cryptomator Hub](#setting-up-cryptomator-hub)
+- [Vault management](#vault-management) 
+- [Collaborating on a shared vault as a user](#collaborating-on-a-shared-vault-as-a-user)
 
 `Note:` Cryptomator does not offer cloud storage but adds an extra protection to your data stored on the cloud by automatically encrypting the files in the vault. 
 
-## Downloading Cryptomator Desktop
+## Downloading Cryptomator Desktop 
 The desktop version of Cryptomator is available both for macOS, Windows, and Linux. Please follow the [guide](https://docs.cryptomator.org/en/latest/desktop/setup/) on Cryptomator's official website to install the application on your operating system. 
 
  <img src="img/cryptomator-main.png" height="400px"><br>
 
-## Setting up key management system with Cryptomator Hub
- Cryptomator Hub adds key and access management to your vaults from a central component deployed on your infrastructure, permitting collaborative work. As an admin, you can share your vaults with other people, who can access the vault by authenticating with Keycloak. There is thus no need for creating new accounts nor sharing encryption passwords with collaborators which are easily stolen, copied, or misused, and no data is shared on any online services. 
+## Cryptomator Hub
+ Cryptomator Hub adds key and access management to your vaults from a central component deployed on your infrastructure, permitting collaborative work. As an owner/administrator of a vault, you can share your vaults with other people, who can access the vault by authenticating with Keycloak. There is thus no need for creating new accounts nor sharing encryption passwords with collaborators which are easily stolen, copied, or misused, and no data is shared on any online services. 
 
 As a vault administrator it is important to manage the admin password properly. In case you lose or forget the admin password, a recovery key is needed to restore access to the vault. This recovery key is generated upon creating the vault (see guide below). In practical, it is the responsibility of the project manager and/or PI to manage and store the admin vault password securely. Please use passphrase and proper password management when creating the admin vault password. For further information, visit the How-to Card on [password management]( https://howto.lcsb.uni.lu/?access:passwords). 
 
-## Enabling Cryptomator using a cloud of your choice
-1. Go to the LCSB instance of Cryptomator Hub https://lcsb.cryptomator.cloud/.
+## Setting up Cryptomator Hub
+**Prerequisite:** A Cryptomator license is required to use Cryptomator Hub and can be requested via the [Service Portal](https://service.uni.lu/sp?id=sc_cat_item&sys_id=d3766892db3fa010ca534540399619a8&sysparm_category=735620d2db3fa010ca53454039961940). 
+1. Go to the LCSB instance of [Cryptomator Hub](https://lcsb.cryptomator.cloud/).
 2. Click on “LCSB Login”. 
 
     <img src="img/cryptomatorHub-login.png" height="400px"> <br>
@@ -41,7 +46,7 @@ As a vault administrator it is important to manage the admin password properly.
 
     <img src="img/uni-login.png" height="400px"> <br>
 
-4. When signed in successfully, you will be presented with the Hub's main page. To create a new vault, click the “Add” button on the top left corner and then "create new". 
+4. When signed in successfully, you will be presented with the Hub's main page. To create a new vault, click the “Add” button on the top right corner and then "create new". 
 
     <img src="img/hub-mainpage.png" height="350px"> <br>
 
@@ -49,20 +54,20 @@ As a vault administrator it is important to manage the admin password properly.
 
     <img src="img/creating-vault.png" height="350px"> <br>
 
-6. A recovery key is displayed on the page. Copy the recovery key and store it in a safe location (e.g. password management system). The recocery key is needed for restoring access to the vault data. Tick the checkbox and click “Create Vault”. 
+6. A recovery key is displayed on the page. Copy the recovery key and store it in a safe location (e.g. password management system like [Bitwarden](https://bitwarden.com/) or [Keepass](https://keepass.info/)). The recocery key is needed for restoring access to the vault data. Tick the checkbox and click “Create Vault”. 
 
     <img src="img/recovery-key.png" height="350px"> <br>
 
-7. The vault has now been successfully created from the Hub. Click “download zipped vault folder”. 
+7. The vault has now been successfully created from the Hub. You can now mount the vault to your desired cloud storage location by clicking “download zipped vault folder”. 
 
     <img src="img/download-vault-template.png" height="350px"> <br>
 
-8. Unzip the vault in your preferred cloud storage location (e.g., ownCloud or OneDrive). 
+8. Unzip the vault in the cloud storage location (e.g. ownCloud or OneDrive). 
 
     <img src="img/ownCloud-folder.png" height="300px"> <br>
 
-## Managing a vault as an administrator
-The following steps can only be performed by the vault administrator. 
+## Vault management
+The following steps shows how to share a vault with other people and can only be performed by the vault administrator.
 
 1. From the Hub's main page, click on the vault you wish to share and then "Manage vault". 
 
@@ -76,12 +81,10 @@ The following steps can only be performed by the vault administrator.
 
     <img src="img/add-member.png" height="450px"> <br> 
  
-4. The team member has to register their local device to the shared vault (see next section). Once the device of the user has been registered to the vault, the admin can grant access by clicking on “update permission”. 
+4. Before the user can access your vault, the user has to register the vault to the user's local device (see section "Collaborating on a shared vault as a user). Only then can the vault administrator grant permission by clicking on “update permission”. 
 
     <img src="img/grant-access.png" height="150px"> <br>
 
-5. Once access is granted, the team member can unlock the vault locally. 
-
 ## Collaborating on a shared vault as a user
 1. Open the desktop application. Click the “add’ button and then “Existing vault”. 
 
@@ -101,15 +104,15 @@ The following steps can only be performed by the vault administrator.
 
 5. Cryptomator will automatically redirect you to the login page. Please authenticate yourself with Keycloak.
 
-6. If it is the first time you connect your device to the shared vault, you have to register the device. In this case, you will be prompt to enter a device name and then click "Confirm. The admin can now grant access to the device. 
+6. If it is the first time you connect your device to the shared vault, you have to register the device. In this case, you will be prompt to enter a device name and then click "Confirm". The admin can now grant access to the device. 
 
    <img src="img/register-device.png" height="200px"> <br> 
 
-7. Once the admin grants access the vault is unlocked. Click “Reveal drive” to access the vault on the virtual drive. 
+7. Once the admin grants access, click “Reveal drive” to access the vault on the virtual drive. 
 
    <img src="img/unlock-vault.png" height="400px"> <br> 
 
-8. All data can now be ingested in the vault on the virtual drive.
+8. You can now view decrypted data and save files in the vault on the virtual drive.
 
     <img src="img/vault-data.png" height="400px"> <br> 
 

external/exchange-channels/lft/lft.md

@@ -99,10 +99,6 @@ And follow instructions there. Export variables and execute the command to downl
 
 You can use the official [IBM Aspera Diagnostic Tool](https://test-connect.asperasoft.com/) to troubleshoot your connectivity issues.
 
-### Using Microsoft Edge browser
-
-Microsoft Edge browser requires to download and install [IBM Aspera Connect for Edge](https://microsoftedge.microsoft.com/addons/detail/ibm-aspera-connect/kbffkbiljjejklcpnfmoiaehplhcifki).
-
 ### UDP/TCP port and firewall
 
 > **IMPORTANT:** Aspera requires UDP ports to be enabled on firewalls.
@@ -114,6 +110,14 @@ Specifically your firewall should:
 
 Detailed information on how to configure firewalls when working with Aspera is given [here](https://download.asperasoft.com/download/docs/p2p/3.5.1/p2p_admin_win/webhelp/dita/configuring_the_firewall.html).
 
+### Using Microsoft Edge browser
+
+Microsoft Edge browser requires to download and install [IBM Aspera Connect for Edge](https://microsoftedge.microsoft.com/addons/detail/ibm-aspera-connect/kbffkbiljjejklcpnfmoiaehplhcifki).
+
+### Error "Passphrase doesn't match"
+
+You are using wrong encryption passphrase. Check that you use the encryption passphrase from the correct link, update variables in your script, if any.
+
 ### Command-Line error "command not found: ascp" ###
 
 Run `ascli config ascp show` to show path of `ascp`.

external/integrity/encryption/file/encryption_file.md

@@ -11,7 +11,7 @@ redirect_from:
 # Encrypting Files and Folders
 Encryption is an effective measure to protect sensitive data. This How-to card provides instructions for file and folder encryption on platforms commonly used by LCSB staff.
 
-**IMPORTANT NOTICE:** One important requirement of using Encryption is that you must  manage your Encryption Passwords/Keys. Failing to do so will mean **loosing your data indefinitely**. In this [link]({{ '/?access:passwords' | relative_url }}) we list  tools that can be used for password management. **Please make sure you have arrangements for password management before starting the encryption of data**.
+**IMPORTANT NOTICE:** One important requirement of using Encryption is that you must  manage your Encryption Passwords/Keys. Failing to do so will mean **losing your data indefinitely**. The [Managing your passwords card]({{ '/?access:passwords' | relative_url }}) lists the tools that can be used for password management. **Please make sure you have arrangements for password management before starting the encryption of data**.
 
 ## macOS
 The built-in mechanism for file-level encryption on a Mac is  Encrypted Disk Images (*.dmg* files). In order to create a disk image:
@@ -83,20 +83,15 @@ In order to use turn on EFS for a folder:
 
 ## Cloud Platforms
 
-As per LCSB Policy, you should not store sensitive human data on commercial cloud services (e.g. Google Drive, Dropbox). However, there may be situations where commercial clouds are used:
+As per LCSB Policy, you should NOT store sensitive human data on commercial cloud services (e.g. Google Drive, Dropbox). However, there may be situations where commercial clouds are used:
 
-- There is a project/consortium level agreement to use external cloud storage,
-- You're working with sensitive data, and need to temporarily co-access it with research collaborators,
+- There is a project/consortium level agreement to use external cloud storage.
+- You're working with sensitive data, and need to temporarily co-access it with research collaborators.
 - You're working with non-sensitive data and using the cloud as a backup target.
 
 In such cases, you may use the following desktop tools to encrypt cloud folders.
 
-- [boxcryptor](https://www.boxcryptor.com/en/) (Paid). If you're holding sensitive LCSB research data  on commercial cloud (case 2 above), you must use Boxcryptor. Contact the LCSB IT  team to request a license.
-    - [Installation/Mac](http://bit.ly/BXC-MAC_INSTALLATION)
-    - [Installation/Windows](http://bit.ly/BXC-WINDOWS_INSTALLATION)
-    - [Sharing Folders](http://bit.ly/BXC-FILE_SHARING)
-    - [Encrypt Folder](http://bit.ly/BXC-FILE_ENCRYPTION)
-    - [Decrypt Folder](http://bit.ly/BXC-FILE_DECRYPTION)
+- [Cryptomator](https://cryptomator.org/). If you're holding sensitive LCSB research data on commercial cloud (case 2 above), you must use Cryptomator. Request a license via ServiceNow and visit the dedicated [How-to card on Cryptomator]({{ '?exchange-channels:cryptomator' | relative_url }}) for further information.
 
 - [Cyberduck](https://cyberduck.io/cryptomator/) (Free).
 
@@ -105,4 +100,4 @@ In such cases, you may use the following desktop tools to encrypt cloud folders.
 
 The Uni-LU HPC Team is planning to install [EncFS](https://en.wikipedia.org/wiki/EncFS) on the HPC clusters. EncFS allows for the creation of an encrypted volume (similar to a folder). EncFS provides transparent encryption, once you mount the encrypted volume, anything that goes into the volume will automatically be encrypted. Also, whenever you try to view or process a file in a mounted EncFS volume, it will be decrypted for you (behind the scenes) automatically.
 
-We will provide instructions for EncFS once it becomes available .
+The instructions for EncFS will be provided once it becomes available.