Commit fe54d270 authored by David Hrbáč

Links OK

parent 2a918ba3
5 merge requests: !368 Update prace.md to document the change from qprace to qprod as the default..., !367 Update prace.md to document the change from qprace to qprod as the default..., !366 Update prace.md to document the change from qprace to qprod as the default..., !323 extended-acls-storage-section, !219 Virtual environment, upgrade MKdocs, upgrade Material design
......@@ -15,7 +15,7 @@ It is impossible to connect to VPN from other operating systems.
## VPN Client Installation
You can install VPN client from web interface after successful login with [IT4I credentials][1] on address [https://vpn.it4i.cz/user][a].
You can install VPN client from web interface after successful login with [IT4I credentials][1] [here][a].
![](../../img/vpn_web_login.png)
......
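Review bot: The new link text `[here][a]` in the VPN Client Installation paragraph drops the visible `https://vpn.it4i.cz/user` address, so a reader who is about to log in with IT4I credentials and install a client can no longer see which host the link leads to. Keep the address as the link text, as the old line did, or use descriptive text such as `[the VPN web interface][a]`. The definitions of `[1]` and `[a]` are outside the lines shown for this file, so please confirm they exist at its end.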
......@@ -17,11 +17,11 @@ However, users need only manage User and CA certificates. Note that your user ce
## Q: Which X.509 Certificates Are Recognised by IT4Innovations?
[The Certificates for Digital Signatures](#the-certificates-for-digital-signatures).
[The Certificates for Digital Signatures][1].
## Q: How Do I Get a User Certificate That Can Be Used With IT4Innovations?
To get a certificate, you must make a request to your local, IGTF approved, Certificate Authority (CA). Usually you then must visit, in person, your nearest Registration Authority (RA) to verify your affiliation and identity (photo identification is required). Usually, you will then be emailed details on how to retrieve your certificate, although procedures can vary between CAs. If you are in Europe, you can locate [your trusted CA](https://www.eugridpma.org/members/worldmap/).
To get a certificate, you must make a request to your local, IGTF approved, Certificate Authority (CA). Usually you then must visit, in person, your nearest Registration Authority (RA) to verify your affiliation and identity (photo identification is required). Usually, you will then be emailed details on how to retrieve your certificate, although procedures can vary between CAs. If you are in Europe, you can locate [your trusted CA][a].
In some countries certificates can also be retrieved using the TERENA Certificate Service, see the FAQ below for the link.
......@@ -31,7 +31,7 @@ Yes, provided that the CA which provides this service is also a member of IGTF.
## Q: Does IT4Innovations Support the TERENA Certificate Service?
Yes, ITInnovations supports TERENA eScience personal certificates. For more information, visit [TCS - Trusted Certificate Service](https://tcs-escience-portal.terena.org/), where you also can find if your organisation/country can use this service
Yes, ITInnovations supports TERENA eScience personal certificates. For more information, visit [TCS - Trusted Certificate Service][b], where you also can find if your organisation/country can use this service.
## Q: What Format Should My Certificate Take?
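Review bot: The rewritten TERENA answer still reads `ITInnovations`, while the heading directly above it says IT4Innovations. The line is already being touched to add the full stop, so correct the name in the same change.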
......@@ -51,7 +51,7 @@ To convert your Certificate from p12 to JKS, IT4Innovations recommends using the
Certification Authority (CA) certificates are used to verify the link between your user certificate and the authority which issued it. They are also used to verify the link between the host certificate of a IT4Innovations server and the CA which issued that certificate. In essence they establish a chain of trust between you and the target server. Thus, for some grid services, users must have a copy of all the CA certificates.
To assist users, SURFsara (a member of PRACE) provides a complete and up-to-date bundle of all the CA certificates that any PRACE user (or IT4Innovations grid services user) will require. Bundle of certificates, in either p12, PEM or JKS formats, are [available here](https://winnetou.surfsara.nl/prace/certs/).
To assist users, SURFsara (a member of PRACE) provides a complete and up-to-date bundle of all the CA certificates that any PRACE user (or IT4Innovations grid services user) will require. Bundle of certificates, in either p12, PEM or JKS formats, are [available here][c].
It is worth noting that gsissh-term and DART automatically updates their CA certificates from this SURFsara website. In other cases, if you receive a warning that a server’s certificate can not be validated (not trusted), then update your CA certificates via the SURFsara website. If this fails, then contact the IT4Innovations helpdesk.
......@@ -61,7 +61,7 @@ Lastly, if you need the CA certificates for a personal Globus 5 installation, th
myproxy-get-trustroots -s myproxy-prace.lrz.de
```
If you run this command as ’root’, then it will install the certificates into /etc/grid-security/certificates. If you run this not as ’root’, then the certificates will be installed into $HOME/.globus/certificates. For Globus, you can download the globuscerts.tar.gz packet [available here](https://winnetou.surfsara.nl/prace/certs/).
If you run this command as ’root’, then it will install the certificates into /etc/grid-security/certificates. If you run this not as ’root’, then the certificates will be installed into $HOME/.globus/certificates. For Globus, you can download the globuscerts.tar.gz packet [available here][c].
## Q: What Is a DN and How Do I Find Mine?
......@@ -104,7 +104,7 @@ To check your certificate (e.g., DN, validity, issuer, public key algorithm, etc
openssl x509 -in usercert.pem -text -noout
```
To download openssl if not pre-installed, see [here](https://www.openssl.org/source/). On Macintosh Mac OS X computers openssl is already pre-installed and can be used immediately.
To download openssl if not pre-installed, see [here][d]. On Macintosh Mac OS X computers openssl is already pre-installed and can be used immediately.
## Q: How Do I Create and Then Manage a Keystore?
......@@ -126,7 +126,7 @@ You also can import CA certificates into your java keystore with the tool, e.g.:
where $mydomain.crt is the certificate of a trusted signing authority (CA) and $mydomain is the alias name that you give to the entry.
More information on the tool can be found [here](http://docs.oracle.com/javase/7/docs/technotes/tools/solaris/keytool.html)
More information on the tool can be found [here][e].
## Q: How Do I Use My Certificate to Access the Different Grid Services?
......@@ -134,7 +134,7 @@ Most grid services require the use of your certificate; however, the format of y
If employing the PRACE version of GSISSH-term (also a Java Web Start Application), you may use either the PEM or p12 formats. Note that this service automatically installs up-to-date PRACE CA certificates.
If the grid service is UNICORE, then you bind your certificate, in either the p12 format or JKS, to UNICORE during the installation of the client on your local machine. For more information visit [UNICORE6 in PRACE](http://www.prace-ri.eu/UNICORE6-in-PRACE)
If the grid service is UNICORE, then you bind your certificate, in either the p12 format or JKS, to UNICORE during the installation of the client on your local machine. For more information visit [UNICORE6 in PRACE][f].
If the grid service is part of Globus, such as GSI-SSH, GriFTP or GRAM5, then the certificates can be in either p12 or PEM format and must reside in the "$HOME/.globus" directory for Linux and Mac users or %HOMEPATH%.globus for Windows users. (Windows users will have to use the DOS command ’cmd’ to create a directory which starts with a ’.’). Further, user certificates should be named either "usercred.p12" or "usercert.pem" and "userkey.pem", and the CA certificates must be kept in a pre-specified directory as follows. For Linux and Mac users, this directory is either $HOME/.globus/certificates or /etc/grid-security/certificates. For Windows users, this directory is %HOMEPATH%.globuscertificates. (If you are using GSISSH-Term from prace-ri.eu then you do not have to create the .globus directory nor install CA certificates to use this tool alone).
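Review bot: The unchanged Globus paragraph that closes this hunk gives the Windows locations as `%HOMEPATH%.globus` and `%HOMEPATH%.globuscertificates`, with the path separators lost, and spells GridFTP as `GriFTP`. A user following the text literally would place the user certificate, key and CA certificates in directories the tools do not read. Since this commit is a link and formatting pass over the same file, write the paths as `%HOMEPATH%\.globus` and `%HOMEPATH%\.globus\certificates` and fix the service name.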
......@@ -152,12 +152,23 @@ A proxy certificate is a short-lived certificate which may be employed by UNICOR
## Q: What Is the MyProxy Service?
[The MyProxy Service](http://grid.ncsa.illinois.edu/myproxy/) , can be employed by gsissh-term and Globus tools, and is an online repository that allows users to store long lived proxy certificates remotely, which can then be retrieved for use at a later date. Each proxy is protected by a password provided by the user at the time of storage. This is beneficial to Globus users as they do not have to carry their private keys and certificates when travelling; nor do users have to install private keys and certificates on possibly insecure computers.
[The MyProxy Service][g], can be employed by gsissh-term and Globus tools, and is an online repository that allows users to store long lived proxy certificates remotely, which can then be retrieved for use at a later date. Each proxy is protected by a password provided by the user at the time of storage. This is beneficial to Globus users as they do not have to carry their private keys and certificates when travelling; nor do users have to install private keys and certificates on possibly insecure computers.
## Q: Someone May Have Copied or Had Access to the Private Key of My Certificate Either in a Separate File or in the Browser. What Should I Do?
Please ask the CA that issued your certificate to revoke this certificate and to supply you with a new one. In addition, report this to IT4Innovations by contacting [the support team](https://support.it4i.cz/rt).
Please ask the CA that issued your certificate to revoke this certificate and to supply you with a new one. In addition, report this to IT4Innovations by contacting [the support team][h].
## Q: My Certificate Expired. What Should I Do?
In order to still be able to communicate with us, one has to make a request for the new certificate to your Certificate Authority (CA). There is no need to explicitly send us any information about your new certificate if a new one has the same Distinguished Name (DN) as the old one.
[1]: #the-certificates-for-digital-signatures
[a]: https://www.eugridpma.org/members/worldmap/
[b]: https://tcs-escience-portal.terena.org/
[c]: https://winnetou.surfsara.nl/prace/certs/
[d]: https://www.openssl.org/source/
[e]: http://docs.oracle.com/javase/7/docs/technotes/tools/solaris/keytool.html
[f]: http://www.prace-ri.eu/UNICORE6-in-PRACE
[g]: http://grid.ncsa.illinois.edu/myproxy/
[h]: https://support.it4i.cz/rt
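Review bot: The `[1]` definition added at the end of this file, `#the-certificates-for-digital-signatures`, carries over the old in-page anchor, but no heading with that slug appears in this diff; the only matching section shown is `## Certificates for Digital Signatures` in the login credentials page, whose slug is `#certificates-for-digital-signatures`. Please verify that the anchor resolves in the FAQ page and, if it does not, point `[1]` at that section instead. Separately, `[e]`, `[f]` and `[g]` are defined with `http://` URLs; as every link is being rewritten anyway, switch them to `https://` where the sites offer it, since users follow these for keystore and proxy certificate handling.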
......@@ -7,7 +7,7 @@ The computational resources of IT4I are allocated by the Allocation Committee to
![](../../img/Authorization_chain.png)
!!! note
You need to either [become the PI](general/applying-for-resources) or [be named as a collaborator](#authorization-by-web) by a PI in order to access and use the clusters.
You need to either [become the PI][1] or [be named as a collaborator][2] by a PI in order to access and use the clusters.
Head of Supercomputing Services acts as a PI of a project DD-13-5. Joining this project, you may **access and explore the clusters**, use software, development environment and computers via the qexp and qfree queues. You may use these resources for own education/research, no paperwork is required. All IT4I employees may contact the Head of Supercomputing Services in order to obtain **free access to the clusters**.
......@@ -105,17 +105,17 @@ id240-.->id255
## Login Credentials
Once authorized by PI, every person (PI or Collaborator) wishing to access the clusters, should contact the [IT4I support](https://support.it4i.cz/rt/) (E-mail: [support\[at\]it4i.cz](mailto:support@it4i.cz)) providing following information:
Once authorized by PI, every person (PI or Collaborator) wishing to access the clusters, should contact the [IT4I support][a] (E-mail: [support\[at\]it4i.cz][b]) providing following information:
1. Project ID
1. Full name and affiliation
1. Statement that you have read and accepted the [Acceptable use policy document](http://www.it4i.cz/acceptable-use-policy.pdf) (AUP).
1. Statement that you have read and accepted the [Acceptable use policy document][c] (AUP).
1. Attach the AUP file.
1. Your preferred username, min 3, max 12 characters long. The preferred username must associate your surname and name or be otherwise derived from it. Only alphanumeric sequences and dash signs are allowed.
1. In case you choose [Alternative way to personal certificate](#alternative-way-to-personal-certificate), a **scan of photo ID** (personal ID or passport or driver license) is required
1. In case you choose [Alternative way to personal certificate][3], a **scan of photo ID** (personal ID or passport or driver license) is required
!!! warning
Should the above information be provided by e-mail, the e-mail **must be** digitally signed. Read more on [digital signatures](#certificates-for-digital-signatures) below.
Should the above information be provided by e-mail, the e-mail **must be** digitally signed. Read more on [digital signatures][4] below.
Example (except the subject line which must be in English, you may use Czech or Slovak language for communication with us):
......@@ -141,7 +141,7 @@ You will receive your personal login credentials by protected e-mail. The login
1. ssh private key and private key passphrase
1. system password
The clusters are accessed by the [private key](general/accessing-the-clusters/shell-access-and-data-transfer/ssh-keys/) and username. Username and password is used for login to the [information systems](http://support.it4i.cz/).
The clusters are accessed by the [private key][5] and username. Username and password are used for login to the [information systems][d].
## Authorization by Web
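Review bot: The `[information systems][d]` link in the changed sentence is described as the place where username and password are used for login, yet `[d]` is defined further down as `http://support.it4i.cz/`, while `[a]` uses `https://support.it4i.cz/rt/` for the same host. Define `[d]` with `https://` so the documented login entry point does not start on plain HTTP.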
......@@ -150,21 +150,21 @@ The clusters are accessed by the [private key](general/accessing-the-clusters/sh
This is a preferred way of granting access to project resources. Please, use this method whenever it's possible.
Log in to the [IT4I Extranet portal](https://extranet.it4i.cz) using IT4I credentials and go to the **Projects** section.
Log in to the [IT4I Extranet portal][e] using IT4I credentials and go to the **Projects** section.
* **Users:** Please, submit your requests for becoming a project member.
* **Primary Investigators:** Please, approve or deny users' requests in the same section.
## Authorization by E-Mail (An Alternative Approach)
In order to authorize a Collaborator to utilize the allocated resources, the PI should contact the [IT4I support](https://support.it4i.cz/rt/) (E-mail: [support\[at\]it4i.cz](mailto:support@it4i.cz)) and provide following information:
In order to authorize a Collaborator to utilize the allocated resources, the PI should contact the [IT4I support][a] (E-mail: [support\[at\]it4i.cz][b]) and provide following information:
1. Identify your project by project ID
1. Provide list of people, including himself, who are authorized to use the resources allocated to the project. The list must include full name, e-mail and affiliation. Provide usernames as well, if collaborator login access already exists on the IT4I systems.
1. Include "Authorization to IT4Innovations" into the subject line.
!!! warning
Should the above information be provided by e-mail, the e-mail **must be** digitally signed. Read more on [digital signatures](#certificates-for-digital-signatures) below.
Should the above information be provided by e-mail, the e-mail **must be** digitally signed. Read more on [digital signatures][4] below.
Example (except the subject line which must be in English, you may use Czech or Slovak language for communication with us):
......@@ -192,22 +192,22 @@ On Linux, use
local $ ssh-keygen -f id_rsa -p
```
On Windows, use [PuTTY Key Generator](general/accessing-the-clusters/shell-access-and-data-transfer/putty/#putty-key-generator).
On Windows, use [PuTTY Key Generator][6].
## Certificates for Digital Signatures
We accept personal certificates issued by any widely respected certification authority (CA). This includes certificates by CAs organized in [International Grid Trust Federation](http://www.igtf.net/), its European branch [EUGridPMA](https://www.eugridpma.org/) and its member organizations, e.g. the [CESNET certification authority](https://tcs.cesnet.cz). The Czech _"Qualified certificate" (Kvalifikovaný certifikát)_ provided by [PostSignum](http://www.postsignum.cz/) or [I.CA](http://www.ica.cz/Kvalifikovany-certifikat.aspx), that is used in electronic contact with Czech authorities is accepted as well.
We accept personal certificates issued by any widely respected certification authority (CA). This includes certificates by CAs organized in [International Grid Trust Federation][f], its European branch [EUGridPMA][g] and its member organizations, e.g. the [CESNET certification authority][h]. The Czech _"Qualified certificate" (Kvalifikovaný certifikát)_ provided by [PostSignum][i] or [I.CA][j], that is used in electronic contact with Czech authorities is accepted as well.
Certificate generation process for academic purposes, utilizing the CESNET certification authority, is well-described here:
* [How to generate a personal TCS certificate in Mozilla Firefox web browser (in Czech)](http://idoc.vsb.cz/xwiki/wiki/infra/view/uzivatel/moz-cert-gen)
* [How to generate a personal TCS certificate in Mozilla Firefox web browser.][k] (in Czech)
!!! note
Certificate file can be installed into your email client. Web-based email interfaces cannot be used for secure communication, external application, such as Thunderbird or Outlook must be used. This way, your new credentials will be visible only in applications, that have access to your certificate.
If you are not able to obtain certificate from any of the respected certification authorities, follow the Alternative Way bellow.
A FAQ about certificates can be found here: [Certificates FAQ](general/obtaining-login-credentials/certificates-faq/).
A FAQ about certificates can be found here: [Certificates FAQ][7].
## Alternative Way to Personal Certificate
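Review bot: In the rewritten TCS bullet the full stop has moved inside the link text and `(in Czech)` outside it, giving `web browser.][k] (in Czech)`, which differs from the other Czech-language bullets in this file that keep `(in Czech)` inside the brackets. Suggest `[How to generate a personal TCS certificate in Mozilla Firefox web browser (in Czech)][k]`. The context line just below also still says "Alternative Way bellow"; fix the spelling while the section is being edited.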
......@@ -216,7 +216,7 @@ Follow these steps **only** if you can not obtain your certificate in a standard
!!! warning
Please use Firefox (clone) for following steps. Other browsers, like Chrome, are not compatible.
* Go to [COMODO Application for Secure Email Certificate](https://secure.comodo.com/products/frontpage?area=SecureEmailCertificate).
* Go to [COMODO Application for Secure Email Certificate][l].
* Fill in the form, accept the Subscriber Agreement and submit it by the _Next_ button.
* Type in the e-mail address, which you intend to use for communication with us.
* Don't forget your chosen _Revocation password_.
......@@ -237,13 +237,13 @@ The procedure is similar to the following guides:
MS Outlook 2010
* [How to Remove, Import, and Export Digital certificates](http://support.microsoft.com/kb/179380)
* [Importing a PKCS #12 certificate (in Czech)](http://idoc.vsb.cz/xwiki/wiki/infra/view/uzivatel/outl-cert-imp)
* [How to Remove, Import, and Export Digital certificates][m]
* [Importing a PKCS #12 certificate (in Czech)][o]
Mozilla Thudnerbird
* [Installing an SMIME certificate](https://support.globalsign.com/customer/portal/articles/1214955-install-certificate---mozilla-thunderbird)
* [Importing a PKCS #12 certificate (in Czech)](http://idoc.vsb.cz/xwiki/wiki/infra/view/uzivatel/moz-cert-imp)
* [Installing an SMIME certificate][p]
* [Importing a PKCS #12 certificate (in Czech)][q]
## End of User Account Lifecycle
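Review bot: The reference labels introduced in the Outlook and Thunderbird lists go `[m]`, `[o]`, `[p]`, `[q]`, skipping `[n]`, and the matching definitions at the end of the file skip it as well. The links resolve, but the gap invites a mislabelled reference on the next edit; renumber them consecutively. The context line `Mozilla Thudnerbird` between the two lists is also misspelled.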
......@@ -256,3 +256,28 @@ User will get 3 automatically generated warning e-mail messages of the pending r
* Third message will be sent 1 week before the removal.
These messages will inform about the projected removal date and will challenge the user to migrate her/his data.
[1]: ../applying-for-resources.md
[2]: #authorization-by-web
[3]: #alternative-way-to-personal-certificate
[4]: #certificates-for-digital-signatures
[5]: ../accessing-the-clusters/shell-access-and-data-transfer/ssh-keys.md
[6]: ../accessing-the-clusters/shell-access-and-data-transfer/putty.md#putty-key-generator
[7]: ../obtaining-login-credentials/certificates-faq.md
[a]: https://support.it4i.cz/rt/
[b]: mailto:support@it4i.cz
[c]: http://www.it4i.cz/acceptable-use-policy.pdf
[d]: http://support.it4i.cz/
[e]: https://extranet.it4i.cz
[f]: http://www.igtf.net/
[g]: https://www.eugridpma.org
[h]: https://tcs.cesnet.cz
[i]: http://www.postsignum.cz/
[j]: http://www.ica.cz/Kvalifikovany-certifikat.aspx
[k]: http://idoc.vsb.cz/xwiki/wiki/infra/view/uzivatel/moz-cert-gen
[l]: https://secure.comodo.com/products/frontpage?area=SecureEmailCertificate
[m]: http://support.microsoft.com/kb/179380
[o]: http://idoc.vsb.cz/xwiki/wiki/infra/view/uzivatel/outl-cert-imp
[p]: https://support.globalsign.com/customer/portal/articles/1214955-install-certificate---mozilla-thunderbird
[q]: http://idoc.vsb.cz/xwiki/wiki/infra/view/uzivatel/moz-cert-imp
......@@ -53,6 +53,6 @@ Working directory has to be created before sending PBS job into the queue. Input
**License** should be selected by parameter -P (Big letter **P**). Licensed products are the following: aa_r (ANSYS **Academic** Research), ane3fl (ANSYS Multiphysics)-**Commercial**.
[1]: ../../anselm/job-submission-and-execution.md
[1]: ../../../anselm/job-submission-and-execution.md
[a]: http://www.ansys.com/products/fluids/ansys-cfx
......@@ -52,7 +52,7 @@ echo Machines: $hl
Header of the PBS file (above) is common and description can be find on [this site][1]. [SVS FEM][b] recommends to utilize sources by keywords: nodes, ppn. These keywords allows to address directly the number of nodes (computers) and cores (ppn) which will be utilized in the job. Also the rest of code assumes such structure of allocated resources.
[1]: ../../anselm/job-submission-and-execution.md
[1]: ../../../anselm/job-submission-and-execution.md
[a]: http://www.ansys.com/products/structures/ansys-ls-dyna
[b]: http://www.svsfem.cz
......@@ -54,7 +54,7 @@ Working directory has to be created before sending PBS job into the queue. Input
**License** should be selected by parameter -p. Licensed products are the following: aa_r (ANSYS **Academic** Research), ane3fl (ANSYS Multiphysics)-**Commercial**, aa_r_dy (ANSYS **Academic** AUTODYN)
[1]: ../../anselm/resources-allocation-policy.md
[1]: ../../../anselm/resources-allocation-policy.md
[a]: http://www.ansys.com/products/multiphysics
[b]: http://www.svsfem.cz
......@@ -34,7 +34,7 @@ Header of the PBS file (above) is common and description can be find on [this si
Working directory has to be created before sending PBS job into the queue. Input file should be in working directory or full path to input file has to be specified. Input file has to be defined by common LS-DYNA **.k** file which is attached to the LS-DYNA solver via parameter `i=`.
[1]: ../../anselm/job-submission-and-execution.md
[1]: ../../../anselm/job-submission-and-execution.md
[a]: http://www.lstc.com/
[b]: http://www.svsfem.cz