update ssh-gw doc

2023-11-21 13:07:55 +01:00
parent 4b0e552138
commit 8a15180afd

@@ -1,6 +1,6 @@
# SSH Gateways
The purpose of the ssh gateways is to give access to protected networks and resources (for a finite period of time).
The purpose of the ssh gateways is to give access to protected networks and resources (for a finite period of time). The gateway always gives access to the networks first name is indicating, i.e. sf-gw is giving access to all sf networks, sls-gw is giving access to sls networks.
Users are only supposed to use ssh to connect to the gateways as well as them to further connect to other machines. Never the less, for ease of use, there are some protocols/ports that can directly be accessed from the ssh gateway. These ports include: 5900 VNC, 3389 RDP, 4000 NX, ICMP/PING.
Therefore direct portforwarding on those ports will work.
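Review bot: The new sentence in the purpose paragraph, "The gateway always gives access to the networks first name is indicating", does not parse, and a reader cannot tell that the rule is about the hostname prefix. Suggest something like "Each gateway gives access to the networks named by the prefix of its hostname, e.g. sf-gw gives access to all sf networks and sls-gw to the sls networks." Since sf-gw and sls-gw are examples rather than a complete list, "e.g." fits better than "i.e.". The unchanged lines below it list 5900 VNC, 3389 RDP, 4000 NX and ICMP as directly reachable from the gateway; now that the paragraph says which networks each gateway opens, it would help to say whether that port list applies equally to every gateway.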
@@ -43,12 +43,23 @@ https://git.psi.ch/linux-infra/ansible/playbooks/lx_ansible/-/blob/main/inventor
### Checklist
- [ ] Is gateway up and running
- [ ] Is user part of the AD group giving access to the gateway (ideally check on the gateway itself)
- Is gateway up and running?
- Is user part of the AD group giving access to the gateway (ideally check on the gateway itself)
```
getent group unx-gw_<gateway name>
```
- In case the user is not part of the group, the user needs to contact the respective responsible (i.e. beamline scientist in case of a beamline) to add him to the group.
or
```
id whaeveruser_l | sed 's/,/\n/g' | grep unx-gw_
35526(unx-gw_twlha)
35514(unx-gw_hipa)
35524(unx-gw_sls)
35525(unx-gw_sf)
-bash-4.2$
```
- In case the user is not part of the group, the user needs to contact the respective responsible (i.e. beamline scientist in case of a beamline) to add him to the group. The management of the group membership is currently done in DUO.
### General
Howto identify and kill high load sessions on the ssh gateway, useful commands for usage diagnostic:
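Review bot: In the new `id` example, the username "whaeveruser_l" reads like a typo for a placeholder, and the trailing "-bash-4.2$" prompt has been pasted into the fenced output. Suggest writing the command as `id <username> | sed 's/,/\n/g' | grep unx-gw_` to match the `<gateway name>` placeholder used in the getent example, and dropping the prompt line. It would also help to say that the user has access only if the `unx-gw_<gateway name>` entry for the gateway in question appears in that output, since the sample lists four gateway groups without saying which one is being checked. The first checklist item gained a question mark but the second did not, and the standalone "or" sits at top level between the two fences; indenting it under the second bullet would keep both commands visibly attached to that check. In the last added line, "add him to the group" could be "add them to the group", and the DUO reference would be more useful with a pointer to where group owners make the change.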