diff --git a/docs.it4i/general/access/.gitkeep b/docs.it4i/general/access/.gitkeep
new file mode 100644
index 0000000000000000000000000000000000000000..8b137891791fe96927ad78e64b0aad7bded08bdc
--- /dev/null
+++ b/docs.it4i/general/access/.gitkeep
@@ -0,0 +1 @@
+
diff --git a/docs.it4i/general/access/account-introduction.md b/docs.it4i/general/access/account-introduction.md
new file mode 100644
index 0000000000000000000000000000000000000000..f8037da54442f16d30bc199668663dff375fdffd
--- /dev/null
+++ b/docs.it4i/general/access/account-introduction.md
@@ -0,0 +1,31 @@
+# Introduction
+
+This section provides basic information on how to gain access to IT4Innovations Information systems and project membership.
+
+## Account Types
+
+There are two types of accounts on IT4Innovations:
+
+* [**e-INFRA CZ Account**][1]
+ Intended for all persons affiliated with an academic institution from the Czech Republic ([eduID.cz][a]).
+
+* [**IT4I Account**][2]
+ Intended for all persons who are not eligible for e-INFRA CZ account.
+
+Once you create an account, you can use it only for communication with IT4I support and accessing the SCS information system.
+If you want to access IT4I clusters, your account must also be **assigned to a project**.
+
+For more information, see the section:
+
+* [**Get Project Membership**][3]
+ if you want to become a collaborator on a project, or
+
+* [**Get Project**][4]
+ if you want to become a project owner.
+
+[1]: ./einfracz-account.md
+[2]: ../obtaining-login-credentials/obtaining-login-credentials.md
+[3]: ../access/project-access.md
+[4]: ../applying-for-resources.md
+
+[a]: https://www.eduid.cz/
diff --git a/docs.it4i/general/access/einfracz-account.md b/docs.it4i/general/access/einfracz-account.md
new file mode 100644
index 0000000000000000000000000000000000000000..1934f69a6792f6b790f7eb3f840169b4e2c89dca
--- /dev/null
+++ b/docs.it4i/general/access/einfracz-account.md
@@ -0,0 +1,40 @@
+# e-INFRA CZ Account
+
+[e-INFRA CZ][1] is a unique research and development e-infrastructure in the Czech Republic,
+which provides capacities and resources for the transmission, storage and processing of scientific and research data.
+IT4Innovations has become a member of e-INFRA CZ on January 2022.
+
+!!! important
+ Only persons affiliated with an academic institution from the Czech Republic ([eduID.cz][6]) are eligible for an e-INFRA CZ account.
+
+## Request e-INFRA CZ Account
+
+1. Go to [https://signup.e-infra.cz/fed/registrar/?vo=IT4Innovations][2]
+1. Select a member academic institution you are affiliated with.
+1. Fill out the e-INFRA CZ Account information (username, password and ssh key(s)).
+
+Your account should be created in a few minutes after submitting the request.
+
+Once your e-INFRA CZ account is created, it is propagated into IT4I systems
+and can be used to access [SCS portal][3] and [Request Tracker][4].
+
+Continue with requesting a project or project membership.
+
+## Logging Into IT4I Services
+
+The table below shows how different IT4I services are accessed:
+
+| Services | Access |
+| -------- | ------- |
+| Clusters | SSH key |
+| IS, RT, web, VPN | e-INFRA CZ login |
+| Profile<br>Change password<br>Change SSH key | Academic institution's credentials<br>e-INFRA CZ / eduID |
+
+You can change you profile settings at any time.
+
+[1]: https://www.e-infra.cz/en
+[2]: https://signup.e-infra.cz/fed/registrar/?vo=IT4Innovations
+[3]: https://scs.it4i.cz/
+[4]: https://support.it4i.cz/
+[5]: ../../management/einfracz-profile.md
+[6]: https://www.eduid.cz/
diff --git a/docs.it4i/general/access/project-access.md b/docs.it4i/general/access/project-access.md
new file mode 100644
index 0000000000000000000000000000000000000000..9b3297e7ccddb5ac53329012c39a3888b3719a15
--- /dev/null
+++ b/docs.it4i/general/access/project-access.md
@@ -0,0 +1,39 @@
+# Get Project Membership
+
+!!! note
+ You need to be named as a collaborator by a Primary Investigator (PI) in order to access and use the clusters.
+
+## Authorization by Web
+
+This is a preferred method if you have an IT4I or e-INFRA CZ account.
+
+Log in to the [IT4I SCS portal][e] and go to the **Authorization Requests** section. Here you can submit your requests for becoming a project member. You will have to wait until the project PI authorizes your request.
+
+## Authorization by Email
+
+An alternative way to become a project member is on request sent via [email by the project PI][8].
+
+[1]: https://docs.it4i.cz/general/obtaining-login-credentials/obtaining-login-credentials/#certificates-for-digital-signatures
+[2]: #authorization-by-web
+[3]: #alternative-way-to-personal-certificate
+[4]: #certificates-for-digital-signatures
+[5]: ../accessing-the-clusters/shell-access-and-data-transfer/ssh-keys.md
+[6]: ../accessing-the-clusters/shell-access-and-data-transfer/putty.md#putty-key-generator
+[7]: ../obtaining-login-credentials/certificates-faq.md
+[8]: ../../obtaining-login-credentials/#authorization-by-email-an-alternative-approach
+
+[a]: https://support.it4i.cz/rt/
+[b]: mailto:support@it4i.cz
+[c]: https://www.it4i.cz/cs/file/f4afe72710863f0e8d119a31389e7bfb/5422/acceptable-use-policy.pdf
+[d]: http://support.it4i.cz/
+[e]: https://scs.it4i.cz/
+[f]: http://www.igtf.net/
+[g]: https://www.eugridpma.org
+[h]: https://tcs.cesnet.cz
+[i]: http://www.postsignum.cz/
+[j]: http://www.ica.cz/Kvalifikovany-certifikat.aspx
+[k]: http://idoc.vsb.cz/xwiki/wiki/infra/view/uzivatel/moz-cert-gen
+[l]: https://extrassl.actalis.it/portal/uapub/freemail?lang=en
+[r]: https://www.it4i.cz/computing-resources-allocation/?lang=en
+[s]: https://www.actalis.it/en/certificates-for-secure-electronic-mail.aspx
+[t]: https://www.actalis.it/en/certificates-for-secure-electronic-mail.aspx
diff --git a/docs.it4i/general/accessing-the-clusters/shell-access-and-data-transfer/putty.md b/docs.it4i/general/accessing-the-clusters/shell-access-and-data-transfer/putty.md
index 2a70370b4d898e842cb99c8f3e739a062d9985b6..b1a74d5c9202f73d00ed8b8020c7d24a078b81ab 100644
--- a/docs.it4i/general/accessing-the-clusters/shell-access-and-data-transfer/putty.md
+++ b/docs.it4i/general/accessing-the-clusters/shell-access-and-data-transfer/putty.md
@@ -5,11 +5,9 @@
We recommend you to download "**A Windows installer for everything except PuTTYtel**" with **Pageant** (SSH authentication agent) and **PuTTYgen** (PuTTY key generator) which is available [here][a].
!!! note
- "Change Password for Existing Private Key" is optional.
-
- "Generate a New Public/Private key pair" is intended for users without Public/Private key in the initial email containing login credentials.
-
"Pageant" is optional.
+
+ "Change Password for Existing Private Key" is optional.
## PuTTY - How to Connect to the IT4Innovations Cluster
diff --git a/docs.it4i/general/accessing-the-clusters/shell-access-and-data-transfer/ssh-key-management.md b/docs.it4i/general/accessing-the-clusters/shell-access-and-data-transfer/ssh-key-management.md
index 4040ee6d85d0aeef180f7ed21bde13acee9231a3..76dd2740b05990885ee7deba077b4f518d9b9220 100644
--- a/docs.it4i/general/accessing-the-clusters/shell-access-and-data-transfer/ssh-key-management.md
+++ b/docs.it4i/general/accessing-the-clusters/shell-access-and-data-transfer/ssh-key-management.md
@@ -1,18 +1,65 @@
-# SSH Key Management
+# SSH
-When you first create an account with IT4Innovations, you receive an SSH key with your credentials. However, you can manage your own SSH key for authentication to clusters.
+Secure Shell (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network.
+SSH uses public-private key pair for authentication, allowing users to log in without having to specify a password. The public key is placed on all computers that must allow access to the owner of the matching private key (the private key must be kept **secret**).
-## Managing Your Own Key
+## Private Key
-1. Generate your SSH key (see the [OpenSSH Keys (UNIX)][1] or [PuTTY (Windows)][2] section).
+!!! note
+ The path to a private key is usually /home/username/.ssh/
-1. Go to [https://extranet.it4i.cz/ssp/index.php?action=changesshkey][a]
+A private key file in the `id_rsa` or `*.ppk` format is present locally on local side and used for example in the Pageant SSH agent (for Windows users). The private key should always be kept in a safe place.
-1. Enter your username, password and public SSH key.
+An example of private key format:
-1. Changes will take effect immediately.
+```console
+ -----BEGIN RSA PRIVATE KEY-----
+ MIIEpAIBAAKCAQEAqbo7jokygnBpG2wYa5NB45ns6+UKTNLMLHF0BO3zmRtKEElE
+ aGqXfbYwvXlcuRb2d9/Y5dVpCZHV0kbY3NhtVOcEIe+1ROaiU9BEsUAhMNEvgiLV
+ gSql4QvRO4BWPlM8+WAWXDp3oeoBh8glXyuh9teb8yq98fv1r1peYGRrW3/s4V+q
+ O1SQ0XY2T7rWCYRLIP6rTMXArTI35v3WU513mn7nm1fJ7oN0QgVH5b0W9V1Kyc4l
+ 9vILHeMXxvz+i/5jTEfLOJpiRGYZYcaYrE4dIiHPl3IlbV7hlkK23Xb1US8QJr5G
+ ADxp1VTkHjY+mKagEfxl1hQIb42JLHhKMEGqNQIDAQABAoIBAQCkypPuxZjL+vai
+ UGa5dAWiRZ46P2yrwHPKpvEdpCdDPbLAc1K/CtdBkHZsUPxNHVV6eFWweW99giIY
+ Av+mFWC58X8asBHQ7xkmxW0cqAZRzpkRAl9IBS9/fKjO28Fgy/p+suOi8oWbKIgJ
+ 3LMkX0nnT9oz1AkOfTNC6Tv+3SE7eTj1RPcMjur4W1Cd1N3EljLszdVk4tLxlXBS
+ yl9NzVnJJbJR4t01l45VfFECgYEAno1WJSB/SwdZvS9GkfhvmZd3r4vyV9Bmo3dn
+ XZAh8HRW13imOnpklDR4FRe98D9A7V3yh9h60Co4oAUd6N+Oc68/qnv/8O9efA+M
+ /neI9ANYFo8F0+yFCp4Duj7zPV3aWlN/pd8TNzLqecqh10uZNMy8rAjCxybeZjWd
+ DyhgywXhAoGBAN3BCazNefYpLbpBQzwes+f2oStvwOYKDqySWsYVXeVgUI+OWTVZ
+ eZ26Y86E8MQO+q0TIxpwou+TEaUgOSqCX40Q37rGSl9K+rjnboJBYNCmwVp9bfyj
+ kCLL/3g57nTSqhgHNa1xwemePvgNdn6FZteA8sXiCg5ZzaISqWAffek5AoGBAMPw
+ V/vwQ96C8E3l1cH5cUbmBCCcfXM2GLv74bb1V3SvCiAKgOrZ8gEgUiQ0+TfcbAbe
+ 7MM20vRNQjaLTBpai/BTbmqM1Q+r1KNjq8k5bfTdAoGANgzlNM9omM10rd9WagL5
+ yuJcal/03p048mtB4OI4Xr5ZJISHze8fK4jQ5veUT9Vu2Fy/w6QMsuRf+qWeCXR5
+ RPC2H0JzkS+2uZp8BOHk1iDPqbxWXJE9I57CxBV9C/tfzo2IhtOOcuJ4LY+sw+y/
+ ocKpJbdLTWrTLdqLHwicdn8OxeWot1mOukyK2l0UeDkY6H5pYPtHTpAZvRBd7ETL
+ Zs2RP3KFFvho6aIDGrY0wee740/jWotx7fbxxKwPyDRsbH3+1Wx/eX2RND4OGdkH
+ gejJEzpk/7y/P/hCad7bSDdHZwO+Z03HIRC0E8yQz+JYatrqckaRCtd7cXryTmTR
+ FbvLJmECgYBDpfno2CzcFJCTdNBZFi34oJRiDb+HdESXepk58PcNcgK3R8PXf+au
+ OqDBtZIuFv9U1WAg0gzGwt/0Y9u2c8m0nXziUS6AePxy5sBHs7g9C9WeZRz/nCWK
+ +cHIm7XOwBEzDKz5f9eBqRGipm0skDZNKl8X/5QMTT5K3Eci2n+lTw==
+ -----END RSA PRIVATE KEY-----
+```
+
+## Public Key
+
+A public key file in the `*.pub` format is present on the remote side and allows an access to the owner of the matching private key.
+
+An example of public key format:
+
+```console
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCpujuOiTKCcGkbbBhrk0Hjmezr5QpM0swscXQE7fOZG0oQSURoapd9tjC9eVy5FvZ339jl1WkJkdXSRtjc2G1U5wQh77VE5qJT0ESxQCEw0S+CItWBKqXhC9E7gFY+UyP5YBZcOneh6gGHyCVfK6H215vzKr3x+/WvWl5gZGtbf+zhX6o4RJDRdjZPutYJhEsg/qtMxcCtMjfm/dZTnXeafuebV8nug3RCBUflvRb1XUrJuiX28gsd4xfG/P6L/mNMR8s4kmJEZhlhxpj8Th0iIc+XciVtXuGWQrbddcVRLxAmvkYAPGnVVOQeNj69pqAR/GXaFAhvjYkseEowQao1 username@organization.example.com
+```
+
+## SSH Key Management
+
+You can manage your own SSH key for authentication to clusters:
+
+* [e-INFRA CZ account][3]
+* [IT4I account][4]
[1]: ./ssh-keys.md
[2]: ./putty.md
-
-[a]: https://extranet.it4i.cz/ssp/index.php?action=changesshkey
+[3]: ../../management/einfracz-profile.md
+[4]: ../../management/it4i-profile.md
diff --git a/docs.it4i/general/accessing-the-clusters/shell-access-and-data-transfer/ssh-keys.md b/docs.it4i/general/accessing-the-clusters/shell-access-and-data-transfer/ssh-keys.md
index ccbf8445de7abe5de5ddaee55d837c2b6871f062..dd8bd7c846e1701d667c0a6f0ab12eb84bf299ac 100644
--- a/docs.it4i/general/accessing-the-clusters/shell-access-and-data-transfer/ssh-keys.md
+++ b/docs.it4i/general/accessing-the-clusters/shell-access-and-data-transfer/ssh-keys.md
@@ -11,54 +11,8 @@ local $ ssh-keygen -C 'username@organization.example.com' -f additional_key
!!! note
Enter a **strong** **passphrase** for securing your private key.
-## Private Key
-
-!!! note
- The path to a private key is usually /home/username/.ssh/
-
-A private key file in the `id_rsa` or `*.ppk` format is used to authenticate with the servers. A private key is present locally on local side and used for example in the Pageant SSH agent (for Windows users). The private key should always be kept in a safe place.
-
-An example of private key format:
-
-```console
- -----BEGIN RSA PRIVATE KEY-----
- MIIEpAIBAAKCAQEAqbo7jokygnBpG2wYa5NB45ns6+UKTNLMLHF0BO3zmRtKEElE
- aGqXfbYwvXlcuRb2d9/Y5dVpCZHV0kbY3NhtVOcEIe+1ROaiU9BEsUAhMNEvgiLV
- gSql4QvRO4BWPlM8+WAWXDp3oeoBh8glXyuh9teb8yq98fv1r1peYGRrW3/s4V+q
- O1SQ0XY2T7rWCYRLIP6rTMXArTI35v3WU513mn7nm1fJ7oN0QgVH5b0W9V1Kyc4l
- 9vILHeMXxvz+i/5jTEfLOJpiRGYZYcaYrE4dIiHPl3IlbV7hlkK23Xb1US8QJr5G
- ADxp1VTkHjY+mKagEfxl1hQIb42JLHhKMEGqNQIDAQABAoIBAQCkypPuxZjL+vai
- UGa5dAWiRZ46P2yrwHPKpvEdpCdDPbLAc1K/CtdBkHZsUPxNHVV6eFWweW99giIY
- Av+mFWC58X8asBHQ7xkmxW0cqAZRzpkRAl9IBS9/fKjO28Fgy/p+suOi8oWbKIgJ
- 3LMkX0nnT9oz1AkOfTNC6Tv+3SE7eTj1RPcMjur4W1Cd1N3EljLszdVk4tLxlXBS
- yl9NzVnJJbJR4t01l45VfFECgYEAno1WJSB/SwdZvS9GkfhvmZd3r4vyV9Bmo3dn
- XZAh8HRW13imOnpklDR4FRe98D9A7V3yh9h60Co4oAUd6N+Oc68/qnv/8O9efA+M
- /neI9ANYFo8F0+yFCp4Duj7zPV3aWlN/pd8TNzLqecqh10uZNMy8rAjCxybeZjWd
- DyhgywXhAoGBAN3BCazNefYpLbpBQzwes+f2oStvwOYKDqySWsYVXeVgUI+OWTVZ
- eZ26Y86E8MQO+q0TIxpwou+TEaUgOSqCX40Q37rGSl9K+rjnboJBYNCmwVp9bfyj
- kCLL/3g57nTSqhgHNa1xwemePvgNdn6FZteA8sXiCg5ZzaISqWAffek5AoGBAMPw
- V/vwQ96C8E3l1cH5cUbmBCCcfXM2GLv74bb1V3SvCiAKgOrZ8gEgUiQ0+TfcbAbe
- 7MM20vRNQjaLTBpai/BTbmqM1Q+r1KNjq8k5bfTdAoGANgzlNM9omM10rd9WagL5
- yuJcal/03p048mtB4OI4Xr5ZJISHze8fK4jQ5veUT9Vu2Fy/w6QMsuRf+qWeCXR5
- RPC2H0JzkS+2uZp8BOHk1iDPqbxWXJE9I57CxBV9C/tfzo2IhtOOcuJ4LY+sw+y/
- ocKpJbdLTWrTLdqLHwicdn8OxeWot1mOukyK2l0UeDkY6H5pYPtHTpAZvRBd7ETL
- Zs2RP3KFFvho6aIDGrY0wee740/jWotx7fbxxKwPyDRsbH3+1Wx/eX2RND4OGdkH
- gejJEzpk/7y/P/hCad7bSDdHZwO+Z03HIRC0E8yQz+JYatrqckaRCtd7cXryTmTR
- FbvLJmECgYBDpfno2CzcFJCTdNBZFi34oJRiDb+HdESXepk58PcNcgK3R8PXf+au
- OqDBtZIuFv9U1WAg0gzGwt/0Y9u2c8m0nXziUS6AePxy5sBHs7g9C9WeZRz/nCWK
- +cHIm7XOwBEzDKz5f9eBqRGipm0skDZNKl8X/5QMTT5K3Eci2n+lTw==
- -----END RSA PRIVATE KEY-----
-```
-
-## Public Key
-
-A public key file in the `*.pub` format is used to verify a digital signature. A public key is present on the remote side and allows an access to the owner of the matching private key.
-
-An example of public key format:
-
-```console
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCpujuOiTKCcGkbbBhrk0Hjmezr5QpM0swscXQE7fOZG0oQSURoapd9tjC9eVy5FvZ339jl1WkJkdXSRtjc2G1U5wQh77VE5qJT0ESxQCEw0S+CItWBKqXhC9E7gFY+UyP5YBZcOneh6gGHyCVfK6H215vzKr3x+/WvWl5gZGtbf+zhX6o4RJDRdjZPutYJhEsg/qtMxcCtMjfm/dZTnXeafuebV8nug3RCBUflvRb1XUrJuiX28gsd4xfG/P6L/mNMR8s4kmJEZhlhxpj8Th0iIc+XciVtXuGWQrbddcVRLxAmvkYAPGnVVOQeNj69pqAR/GXaFAhvjYkseEowQao1 username@organization.example.com
-```
+By default, your private key is saved to the `id_rsa` file in the `.ssh` directory
+and your public key is saved to the `id_rsa.pub` file.
## Managing Your SSH Key
diff --git a/docs.it4i/general/applying-for-resources.md b/docs.it4i/general/applying-for-resources.md
index 6c2d9d575687dee82d389c2a4b59abbceaac9958..52ec47a585821c7458afd17a6162d5df47134d8e 100644
--- a/docs.it4i/general/applying-for-resources.md
+++ b/docs.it4i/general/applying-for-resources.md
@@ -1,6 +1,10 @@
-# Applying for Resources
+# Get Project
-Computational resources may be allocated via several [allocation mechanisms][a]:
+The computational resources of IT4I are allocated by the Allocation Committee via several [allocation mechanisms][a] to a project investigated by a Primary Investigator. By allocating the computational resources, the Allocation Committee is authorizing the PI to access and use the clusters. The PI may decide to authorize a number of their collaborators to access and use the clusters to consume the resources allocated to their Project. These collaborators will be associated to the Project. The Figure below is depicting the authorization chain:
+
+
+
+**Allocation Mechanisms:**
* Academic researchers may apply via Open Access Competitions.
* Commercial and non-commercial institutions may also apply via the Directors Discretion.
@@ -8,11 +12,63 @@ Computational resources may be allocated via several [allocation mechanisms][a]:
In all cases, IT4Innovations’ access mechanisms are aimed at distributing computational resources while taking into account the development and application of supercomputing methods and their benefits and usefulness for society. The applicants are expected to submit a proposal. In the proposal, the applicants **apply for a particular amount of core-hours** of computational resources. The requested core-hours should be substantiated by scientific excellence of the proposal, its computational maturity and expected impacts. The allocation decision is based on the scientific, technical, and economic evaluation of the proposal.
-For more information, see [Computing resources allocation][a] and [Obtaining Login Credentials][1].
+## Becoming Primary Investigator
+
+Once you create an account, log in to the [IT4I Information System][e] and apply for a project.
+You will be informed by IT4I about the Allocation Committee decision.
+Once approved by the Allocation Committee, you become the Primary Investigator (PI) for the project
+and are authorized to use the clusters and any allocated resources as well as authorize collaborators for your project.
+
+## Authorize Collaborators for Your Project
+
+As a PI, you can approve or deny users' requests to join your project. There are two methods of authorizing collaborators:
+
+### Authorization by Web
+
+This is a preferred method if you have an IT4I or e-INFRA CZ account.
+
+Log in to the [IT4I SCS portal][e] using your credentials and go to the **Authorization Requests** section.
+Here you can authorize collaborators for your project.
+
+### Authorization by Email (An Alternative Approach)
+
+In order to authorize a Collaborator to utilize the allocated resources, the PI should contact the [IT4I support][f] (email: [support\[at\]it4i.cz][g]) and provide the following information:
+
+1. Identify their project by project ID.
+1. Provide a list of people, including themself, who are authorized to use the resources allocated to the project. The list must include the full name, email and affiliation. If collaborators' login access already exists in the IT4I systems, provide their usernames as well.
+1. Include "Authorization to IT4Innovations" into the subject line.
+
+!!! warning
+ Should the above information be provided by email, the email **must be** digitally signed. Read more on [digital signatures][2] below.
+
+Example (except the subject line which must be in English, you may use Czech or Slovak language for communication with us):
+
+```console
+Subject: Authorization to IT4Innovations
+
+Dear support,
+
+Please include my collaborators to project OPEN-0-0.
+
+John Smith, john.smith@myemail.com, Department of Chemistry, MIT, US
+Jonas Johansson, jjohansson@otheremail.se, Department of Physics, RIT, Sweden
+Luisa Fibonacci, lf@emailitalia.it, Department of Mathematics, National Research Council, Italy
+
+Thank you,
+PI
+(Digitally signed)
+```
+
+!!! note
+ Web-based email interfaces cannot be used for secure communication; external application, such as Thunderbird or Outlook must be used. This way, your new credentials will be visible only in applications that have access to your certificate.
[1]: obtaining-login-credentials/obtaining-login-credentials.md
+[2]: https://docs.it4i.cz/general/obtaining-login-credentials/obtaining-login-credentials/#certificates-for-digital-signatures
[a]: https://www.it4i.cz/en/for-users/computing-resources-allocation
[b]: http://www.it4i.cz/open-access-competition/?lang=en&lang=en
[c]: http://www.it4i.cz/obtaining-computational-resources-through-directors-discretion/?lang=en&lang=en
[d]: https://prace-ri.eu/hpc-access/deci-access/deci-access-information-for-applicants/
+[e]: https://scs.it4i.cz
+[f]: https://support.it4i.cz/rt/
+[g]: mailto:support@it4i.cz
diff --git a/docs.it4i/general/management/.gitkeep b/docs.it4i/general/management/.gitkeep
new file mode 100644
index 0000000000000000000000000000000000000000..8b137891791fe96927ad78e64b0aad7bded08bdc
--- /dev/null
+++ b/docs.it4i/general/management/.gitkeep
@@ -0,0 +1 @@
+
diff --git a/docs.it4i/general/management/einfracz-profile.md b/docs.it4i/general/management/einfracz-profile.md
new file mode 100644
index 0000000000000000000000000000000000000000..23dcb1cdce786494a408ef8abf75083638cc2136
--- /dev/null
+++ b/docs.it4i/general/management/einfracz-profile.md
@@ -0,0 +1,15 @@
+# Change e-INFRA CZ Profile Settings
+
+You can change the settings of your e-INFRA CZ profile anytime by visiting [https://profile.e-infra.cz/][1].
+
+## Change Password
+
+To change your e-INFRA CZ account password, go to [https://profile.e-infra.cz/profile/settings/passwordReset][2].
+
+## Change SSH Key
+
+To change SSH key(s) associated with your e-INFRA CZ account, go to [https://profile.e-infra.cz/profile/settings/sshKeys][3].
+
+[1]: https://profile.e-infra.cz/profile
+[2]: https://profile.e-infra.cz/profile/settings/passwordReset
+[3]: https://profile.e-infra.cz/profile/settings/sshKeys
diff --git a/docs.it4i/general/management/it4i-profile.md b/docs.it4i/general/management/it4i-profile.md
new file mode 100644
index 0000000000000000000000000000000000000000..9d9609a92d5f0ec886b054ead0742e0ba8b14314
--- /dev/null
+++ b/docs.it4i/general/management/it4i-profile.md
@@ -0,0 +1,15 @@
+# Change IT4I Account Settings
+
+You can change the settings of your IT4I account anytime by visiting [extranet.it4i.cz][1].
+
+## Change Password
+
+To change your IT4I account password, go to [https://extranet.it4i.cz/ssp/][2].
+
+## Change SSH Key
+
+To change SSH key(s) associated with your IT4I account, go to [https://extranet.it4i.cz/ssp/?action=changesshkey][3].
+
+[1]: https://scs.it4i.cz/
+[2]: https://extranet.it4i.cz/ssp/
+[3]: https://extranet.it4i.cz/ssp/?action=changesshkey
diff --git a/docs.it4i/general/obtaining-login-credentials/obtaining-login-credentials.md b/docs.it4i/general/obtaining-login-credentials/obtaining-login-credentials.md
index 1c9328824e82d0ec3d03c8273ebd8b01b0c76427..e329313a61f266690be7e691a463b9d401d0293d 100644
--- a/docs.it4i/general/obtaining-login-credentials/obtaining-login-credentials.md
+++ b/docs.it4i/general/obtaining-login-credentials/obtaining-login-credentials.md
@@ -1,129 +1,20 @@
-# Obtaining Login Credentials
-
-!!! warning "Temporary Account Creation Suspension"
- During the migration of IT4I accounts into a joint e-INFRA CZ user base, creating new IT4I accounts will be **temporarily suspended from January 19 to January 21**. For more information, see [Migration to e-INFRA CZ][8].
-
-## Obtaining Authorization
-
-The computational resources of IT4I are [allocated][r] by the Allocation Committee to a Project investigated by a Primary Investigator. By [allocating the computational resources][r], the Allocation Committee is authorizing the PI to access and use the clusters. The PI may decide to authorize a number of their collaborators to access and use the clusters to consume the resources allocated to their Project. These collaborators will be associated to the Project. The Figure below is depicting the authorization chain:
-
-
-
-!!! note
- You need to either [become a PI][1] or [be named as a collaborator][2] by a PI in order to access and use the clusters.
-
-## Authorization of PI by Allocation Committee
-
-The PI is authorized to use the clusters by the allocation decision issued by the Allocation Committee. The PI will be informed by IT4I about the Allocation Committee decision.
-
-## Process Flow Chart
-
-This chart describes the process of obtaining login credentials on the clusters. You may skip the tasks that you have already done. Some of the tasks, marked with asterisk (\*), are clickable and will take you to a more detailed description.
-
-* I am a collaborator on a project and want to obtain login credentials
-
-<div class="mermaid">
-graph TB
-id10(I am a collaborator on a project and want to obtain login credentials)
-id20[Obtain a certificate for digital signature]
-id10-->id20
-id30[EduID organizations from CESNET*]
-click id30 "#certificates-for-digital-signatures"
-id40[Personal certificate from PostSignum or I.CA]
-id50[Free certificate from Sectigo / Comodo*]
-click id50 "#alternative-way-to-personal-certificate"
-id55[Other trusted certificate]
-subgraph ""
-id20-->id30
-id20-->id40
-id20-->id50
-id20-->id55
-end
-id60[Export and save the certificate to a file]
-id30-->id60
-id40-->id60
-id50-->id60
-id55-->id60
-id70[Import the certificate into your email client*]
-click id70 "#installation-of-the-certificate-into-your-mail-client"
-id60-->id70
-id80[Send an email with request for access to IT4I Support*]
-click id80 "#login-credentials"
-id70-->id80
-</div>
-
-* I am a Primary Investigator and I want to allow my collaborators to access my project
-
-<div class="mermaid">
-graph TB
-id110(I am a Primary Investigator and I want to allow my collaborators to access my project)
-id120[Obtain a certificate for digital signature]
-id110-->id120
-id130[EduID organizations from CESNET*]
-click id130 "#certificates-for-digital-signatures"
-id140[Personal certificate from PostSignum or I.CA]
-id150[Free certificate from Sectigo / Comodo*]
-click id150 "#alternative-way-to-personal-certificate"
-id155[Other trusted certificate]
-subgraph ""
-id120-->id130
-id120-->id140
-id120-->id150
-id120-->id155
-end
-id160[Export and save the certificate to a file]
-id130-->id160
-id140-->id160
-id150-->id160
-id155-->id160
-id170[Import the certificate into your email client*]
-click id170 "#installation-of-the-certificate-into-your-mail-client"
-id160-->id170
-id180[Send an email with request for authorization to IT4I Support*]
-click id180 "#authorization-by-e-mail-an-alternative-approach"
-id170-->id180
-</div>
-
-* I am an existing user/Primary Investigator and I want to manage my projects/users
-
-<div class="mermaid">
-graph TB
-id210(I am an existing user/Primary Investigator and I want to manage my projects/users)
-id220[Log into scs.it4i.cz]
-id230[Go to the Authorization Requests section]
-id210-->id220
-id220-->id230
-id240[Submit a request to become a project member]
-id245[Wait for an approval from the Primary Investigator]
-id230-->|User|id240
-id240-->id245
-id250[Wait for a user to submit the request to become a project member]
-id255[Approve or deny user requests for becoming project members]
-id230-->|Primary Investigator|id250
-id250-->id255
-id240-.->id255
-</div>
-
-## Login Credentials
+# IT4I Account
!!! important
- CESNET, CERIT-SC, and IT4I infrastructures will operate a joint e-INFRA CZ infrastructure. If you have a CESNET (e.g. MetaCentrum, DÚ) or CERIT-SC account, make sure to choose the same login name for your IT4I account to have uniform access to all services in the future.
+ If you are affiliated with an academic institution from the Czech Republic ([eduID.cz][u]), create an [e-INFRA CZ account][8], instead.
-Once authorized by a PI, every person (PI or collaborator) wishing to access the clusters should contact the [IT4I support][a] (email: [support\[at\]it4i.cz][b]) providing the following information:
+If you are not eligible for an e-INFRA CZ account, contact the [IT4I support][a] (email: [support\[at\]it4i.cz][b]) and provide the following information:
-1. Project ID
1. Full name and affiliation
1. Statement that you have read and accepted the [Acceptable use policy document][c] (AUP).
1. Attach the AUP file.
1. Your preferred username (3 to 12 characters). The preferred username must associate with your first and last name or be otherwise derived from it. Only alphanumeric sequences and dash signs are allowed.
+1. Public part of your SSH key
1. In case you choose an [Alternative way to personal certificate][3], a **scan of photo ID** (personal ID or passport or driver license) is required.
!!! warning
Should the above information be provided by email, the email **must be** digitally signed. Read more on [digital signatures][4] below.
-!!! hint
- VSB associates will be given a VSB login username.
-
Example (except the subject line, which must be in English, you may use Czech or Slovak language for communication with us):
```console
@@ -142,65 +33,13 @@ John Smith
(Digitally signed)
```
-You will receive your personal login credentials by protected email. The login credentials include:
+You will receive your personal login credentials by encrypted email. The login credentials include:
1. username
-1. SSH private key and private key passphrase
1. system password
The clusters are accessed by the [private key][5] and username. Username and password are used for login to the [information systems][d].
-## Authorization by Web
-
-!!! warning
- **Only** for those who already have their IT4I HPC account. This is a preferred way of granting access to project resources. Please, use this method when possible.
-
-This is a preferred way of granting access to project resources. Please, use this method whenever it's possible.
-
-Log in to the [IT4I SCS portal][e] using IT4I credentials and go to the **Authorization Requests** section.
-
-* **Users:** Please, submit your requests for becoming a project member.
-* **Primary Investigators:** Please, approve or deny users' requests in the same section.
-
-## Authorization by EMail (An Alternative Approach)
-
-In order to authorize a Collaborator to utilize the allocated resources, the PI should contact the [IT4I support][a] (email: [support\[at\]it4i.cz][b]) and provide the following information:
-
-1. Identify their project by project ID.
-1. Provide a list of people, including themself, who are authorized to use the resources allocated to the project. The list must include the full name, email and affiliation. If collaborators' login access already exists in the IT4I systems, provide their usernames as well.
-1. Include "Authorization to IT4Innovations" into the subject line.
-
-!!! warning
- Should the above information be provided by email, the email **must be** digitally signed. Read more on [digital signatures][4] below.
-
-Example (except the subject line which must be in English, you may use Czech or Slovak language for communication with us):
-
-```console
-Subject: Authorization to IT4Innovations
-
-Dear support,
-
-Please include my collaborators to project OPEN-0-0.
-
-John Smith, john.smith@myemail.com, Department of Chemistry, MIT, US
-Jonas Johansson, jjohansson@otheremail.se, Department of Physics, RIT, Sweden
-Luisa Fibonacci, lf@emailitalia.it, Department of Mathematics, National Research Council, Italy
-
-Thank you,
-PI
-(Digitally signed)
-```
-
-## Change Passphrase
-
-On Linux, use:
-
-```console
-local $ ssh-keygen -f id_rsa -p
-```
-
-On Windows, use [PuTTY Key Generator][6].
-
## Certificates for Digital Signatures
We accept personal certificates issued by any widely respected certification authority (CA). This includes certificates by CAs organized in [International Grid Trust Federation][f], its European branch [EUGridPMA][g] and its member organizations, e.g. the [CESNET certification authority][h]. The Czech _"Qualified certificate" (Kvalifikovaný certifikát)_ provided by [PostSignum][i] or [I.CA][j], which is used in electronic contact with Czech authorities, is accepted as well.
@@ -231,18 +70,6 @@ A FAQ about certificates can be found here: [Certificates FAQ][7].
!!! note
Web-based email interfaces cannot be used for secure communication; external application, such as Thunderbird or Outlook must be used. This way, your new credentials will be visible only in applications that have access to your certificate.
-## End of User Account Lifecycle
-
-A user account that is not attached to an active project is deleted 1 year after the last project expires to which it was attached.
-
-The user will be notified by 3 automatically generated emails of the pending removal:
-
-* First email will be sent 3 months before the removal
-* Second email will be sent 1 month before the removal
-* Third email will be sent 1 week before the removal.
-
-These emails will inform about the projected removal date and will prompt the user to migrate their data.
-
[1]: https://docs.it4i.cz/general/obtaining-login-credentials/obtaining-login-credentials/#certificates-for-digital-signatures
[2]: #authorization-by-web
[3]: #alternative-way-to-personal-certificate
@@ -250,7 +77,8 @@ These emails will inform about the projected removal date and will prompt the us
[5]: ../accessing-the-clusters/shell-access-and-data-transfer/ssh-keys.md
[6]: ../accessing-the-clusters/shell-access-and-data-transfer/putty.md#putty-key-generator
[7]: ../obtaining-login-credentials/certificates-faq.md
-[8]: ../../einfracz-migration.md
+[8]: ../access/einfracz-account.md
+[10]: ../access/project-access.md
[a]: https://support.it4i.cz/rt/
[b]: mailto:support@it4i.cz
@@ -267,3 +95,4 @@ These emails will inform about the projected removal date and will prompt the us
[r]: https://www.it4i.cz/computing-resources-allocation/?lang=en
[s]: https://www.actalis.it/en/certificates-for-secure-electronic-mail.aspx
[t]: https://www.actalis.it/en/certificates-for-secure-electronic-mail.aspx
+[u]: https://www.eduid.cz/
diff --git a/docs.it4i/general/services-access.md b/docs.it4i/general/services-access.md
new file mode 100644
index 0000000000000000000000000000000000000000..0754a9de1bf4c47b50e3658ad49483b9c177cca3
--- /dev/null
+++ b/docs.it4i/general/services-access.md
@@ -0,0 +1,24 @@
+# Access to IT4I Services
+
+Once you have created an e-INFRA CZ or an IT4I account, you can access the following IT4I services:
+
+## IT4Innovations Information System (SCS IS)
+
+SCS IS is a system where users can apply for a project membership and primary investigators can apply for a project
+or manage ther projects (e.g. accept/deny users' requests to become project members).
+You can also submit a feedback on suppport services, etc. SCS IS is available on [https://scs.it4i.cz/][1].
+
+## Request Tracker (RT)
+
+If you have a question or need help, you can contact our support on [https://support.it4i.cz/][2].
+Please note that first response to a new ticket may take up to 24 hours.
+
+## Cluster Usage Overview
+
+For information about the current clusters usage, go to [https://extranet.it4i.cz/rsweb][3].
+You can switch between the clusters by clicking on its name in the upper right corner.
+You can filter your search by clicking on the respective keywords.
+
+[1]: https://scs.it4i.cz/
+[2]: https://support.it4i.cz/
+[3]: https://extranet.it4i.cz/rsweb
diff --git a/docs.it4i/general/shell-and-data-access.md b/docs.it4i/general/shell-and-data-access.md
index e7a0883d8707ffedffce258d52effd91b28cf54e..21408102ed2c96722f37a75d19b800bfd7d95a6b 100644
--- a/docs.it4i/general/shell-and-data-access.md
+++ b/docs.it4i/general/shell-and-data-access.md
@@ -241,15 +241,6 @@ $ ssh -R 6000:localhost:1080 cluster-name.it4i.cz
Now, configure the applications proxy settings to `localhost:6000`. Use port forwarding to access the [proxy server from compute nodes][5], as well.
-## Graphical User Interface
-
-* The [X Window system][6] is the principal way to get a GUI access to the clusters.
-* [Virtual Network Computing][7] is a graphical desktop-sharing system that uses a Remote Frame Buffer protocol to remotely control another computer.
-
-## VPN Access
-
-* Access IT4Innovations internal resources via [VPN][8].
-
[1]: ../general/accessing-the-clusters/shell-access-and-data-transfer/ssh-keys.md
[2]: ../general/accessing-the-clusters/shell-access-and-data-transfer/putty.md
[5]: #port-forwarding-from-login-nodes
diff --git a/docs.it4i/general/support.md b/docs.it4i/general/support.md
new file mode 100644
index 0000000000000000000000000000000000000000..f13c7c452cb20edc4cc713cebdff85977a854522
--- /dev/null
+++ b/docs.it4i/general/support.md
@@ -0,0 +1,9 @@
+# Getting Help and Support
+
+Contact [support\[at\]it4i.cz][a] or use the [support][b] portal for help and support regarding the cluster technology at IT4Innovations.
+For communication, use the **Czech**, **Slovak**, or **English** language.
+Follow the status of your request to IT4Innovations [here][b].
+The IT4Innovations support team will use best efforts to resolve requests within thirty days.
+
+[a]: mailto:support@it4i.cz
+[b]: http://support.it4i.cz/rt
diff --git a/docs.it4i/index.md b/docs.it4i/index.md
index 7dd37d60a6311cb4f6c1383fdb7ee51492778761..73f902260593f1ebdd0d9d6fd1a23faea900a87d 100644
--- a/docs.it4i/index.md
+++ b/docs.it4i/index.md
@@ -8,13 +8,6 @@ Welcome to the IT4Innovations documentation. The IT4Innovations National Superco
1. Scan for all the notes and reminders on the page.
1. If more information is needed, read the details and **look for examples** illustrating the concepts.
-## Getting Help and Support
-
-!!! note
- Contact [support\[at\]it4i.cz][a] for help and support regarding the cluster technology at IT4Innovations. For communication, use the **Czech**, **Slovak**, or **English** language. Follow the status of your request to IT4Innovations [here][b]. The IT4Innovations support team will use best efforts to resolve requests within thirty days.
-
-Use your IT4Innovations username and password to log in to the [support][b] portal.
-
## Required Proficiency
!!! note
diff --git a/mkdocs.yml b/mkdocs.yml
index 91780e814c0377d5014d994c92cbb649fc1246d0..6d879f8d57f4fc094526c6b3c489830aafcddcde 100644
--- a/mkdocs.yml
+++ b/mkdocs.yml
@@ -48,29 +48,43 @@ theme:
nav:
- General:
- - Home: index.md
- - Obtaining Login Credentials: general/obtaining-login-credentials/obtaining-login-credentials.md
- - Accessing the Clusters: general/shell-and-data-access.md
- - Applying for Resources: general/applying-for-resources.md
- - Certificates FAQ: general/obtaining-login-credentials/certificates-faq.md
- - Resource Allocation and Job Execution:
+ - Introduction: index.md
+ - Get Access:
+ - Introduction: general/access/account-introduction.md
+ - Get Account:
+ - e-INFRA CZ Account: general/access/einfracz-account.md
+ - IT4I Account: general/obtaining-login-credentials/obtaining-login-credentials.md
+ - Get Project Membership: general/access/project-access.md
+ - Get Project: general/applying-for-resources.md
+ - Manage Your Profile:
+ - e-INFRA CZ Profile: general/management/einfracz-profile.md
+ - IT4I Profile: general/management/it4i-profile.md
+ - Access Services:
+ - Access the Clusters:
+ - SSH: general/shell-and-data-access.md
+ - SSH Key Management: general/accessing-the-clusters/shell-access-and-data-transfer/ssh-key-management.md
+ - GUI:
+ - X Window System: general/accessing-the-clusters/graphical-user-interface/x-window-system.md
+ - Xorg: general/accessing-the-clusters/graphical-user-interface/xorg.md
+ - VNC: general/accessing-the-clusters/graphical-user-interface/vnc.md
+ - Access the IS and Web Services: general/services-access.md
+ - VPN Access: general/accessing-the-clusters/vpn-access.md
+ - Run Jobs:
- Introduction: general/resource_allocation_and_job_execution.md
- Resources Allocation Policy: general/resources-allocation-policy.md
- Job Priority: general/job-priority.md
- Job Submission and Execution: general/job-submission-and-execution.md
- Capacity Computing: general/capacity-computing.md
- Migrating from SLURM: general/slurmtopbs.md
- - Connect to the Clusters:
- - SSH Key Management: general/accessing-the-clusters/shell-access-and-data-transfer/ssh-key-management.md
- - OpenSSH Keys (UNIX): general/accessing-the-clusters/shell-access-and-data-transfer/ssh-keys.md
- - PuTTY (Windows): general/accessing-the-clusters/shell-access-and-data-transfer/putty.md
- - X Window System: general/accessing-the-clusters/graphical-user-interface/x-window-system.md
- - Xorg: general/accessing-the-clusters/graphical-user-interface/xorg.md
- - VNC: general/accessing-the-clusters/graphical-user-interface/vnc.md
- - VPN Access: general/accessing-the-clusters/vpn-access.md
- - Satisfaction and Feedback: general/feedback.md
- - PRACE User Support: prace.md
- - API Documentation: apiv1.md
+ - Technical Information:
+ - SSH Keys:
+ - OpenSSH Keys (UNIX): general/accessing-the-clusters/shell-access-and-data-transfer/ssh-keys.md
+ - PuTTY (Windows): general/accessing-the-clusters/shell-access-and-data-transfer/putty.md
+ - Certificates FAQ: general/obtaining-login-credentials/certificates-faq.md
+ - API Documentation: apiv1.md
+ - Satisfaction and Feedback: general/feedback.md
+ - PRACE: prace.md
+ - Support: general/support.md
- Migration to e-INFRA CZ: einfracz-migration.md
- Withdrawal from service: anselm-salomon-shutdown.md
- PROJECT Storage Availability: project-storage-availability.md
@@ -81,14 +95,14 @@ nav:
- Standard File ACL: storage/standard-file-acl.md
- NFSv4 File ACL: storage/nfs4-file-acl.md
- Clusters:
- - Karolina:
+ - Karolina:
- Introduction: karolina/introduction.md
- Hardware Overview: karolina/hardware-overview.md
- Compute Nodes: karolina/compute-nodes.md
- Storage: karolina/storage.md
- Network: karolina/network.md
- Visualization Servers: karolina/visualization.md
- - Barbora:
+ - Barbora:
- Introduction: barbora/introduction.md
- Hardware Overview: barbora/hardware-overview.md
- Compute Nodes: barbora/compute-nodes.md