From aa491274de0bd85767ede7543190c6885d5f538c Mon Sep 17 00:00:00 2001
From: caubet_m <marc.caubet@psi.ch>
Date: Tue, 4 Jul 2023 11:56:06 +0200
Subject: [PATCH] Update Remote Access server docs

---
 .../02-How-To-Use-Merlin/transfer-data.md     | 26 ++++++++-----------
 1 file changed, 11 insertions(+), 15 deletions(-)

diff --git a/pages/merlin6/02-How-To-Use-Merlin/transfer-data.md b/pages/merlin6/02-How-To-Use-Merlin/transfer-data.md
index feffd05..5fd4556 100644
--- a/pages/merlin6/02-How-To-Use-Merlin/transfer-data.md
+++ b/pages/merlin6/02-How-To-Use-Merlin/transfer-data.md
@@ -41,25 +41,21 @@ local computer and merlin.
 
 Two servers are enabled for exporting data from Merlin to outside PSI. 
 These Remote Access Merlin servers are the following:
-* **'ra-merlin-01.psi.ch'**: standard password authentication (with PSI password)
-   * `/data/user` mounted in RO (read-only)
-   * `/export` directory in RW (read-write). `/export` is also visible from login nodes.
-* **'ra-merlin-02.psi.ch'**: ***Two factor authentication*** (2FA), required **RSA SecurID** token (same as VPN)
-   * `/data/project` directories mounted in RW on demand. Project responsibles must request it.
-   * `/data/user` mounted in RW (read-write)
-   * `/export` directory in RW (read-write). `/export` is also visible from login nodes.
-
-In the future, **'ra-merlin-01.psi.ch'** will be also configured with 2FA and will mount the same 
-as **'ra-merlin-02.psi.ch'**. In the meantime, we keep **'ra-merlin-01.psi.ch'** with standard authentication 
-until we can ensure that most of the Merlin users have a RSA SecurID token or until PSI security policy makes
-its use mandatory. Using **'ra-merlin-02.psi.ch'** over **'ra-merlin-01.psi.ch'** is always recommended (2FA
-is always more secure than standard authentication)
+* **'ra-merlin-01.psi.ch'**
+* **'ra-merlin-02.psi.ch'**
+Both servers have mounted the following Merlin filesystems:
+* `/data/project` directories mounted in RW on demand. Project responsibles must request it.
+* `/data/user` mounted in RW (read-write)
+* `/data/experiment/mu3e` directories mounted in RW (read-write), except `data` (read-only mounted)
+* `/export` directory in RW (read-write). `/export` is also visible from login nodes.
+Access to the Remote Access server uses ***Multi factor authentication*** (MFA).
+Therefore, having the Microsoft Authenticator App is required as explained [here](https://www.psi.ch/en/computing/change-to-mfa).
 
 ### Directories
 
 #### /data/user
 
-User data directories are mounted in RO on 'ra-merlin-01', and RW on 'ra-merlin-02'.
+User data directories are mounted in RW on both 'ra-merlin-01' and 'ra-merlin-02'.
 
 {{site.data.alerts.warning}}Please, <b>ensure proper secured permissions</b> in your '/data/user' 
 directory. By default, when directory is created, the system applies the most restrictive 
@@ -97,7 +93,7 @@ Ensure to properly secure your directories and files with proper permissions.
 
 Optionally, instead of using `/export`, experiments with a Merlin project can request Read/Write or Read/Only access to their project directory.
 
-{{site.data.alerts.tip}}<b>Merlin projects can request direct access on 'ra-merlin-02.psi.ch'</b>
+{{site.data.alerts.tip}}<b>Merlin projects can request direct access.</b>
 This can be configured in Read/Write or Read/Only modes. If your project needs access, please,
 contact the Merlin administrators.
 {{site.data.alerts.end}}