diff --git a/ECMWF/README.md b/ECMWF/README.md
index c2a69374b4879bb9240a1ed087ac77061e3578d8..bbc7e2163ed950cb9cf2ee202b7d1a1fe55a4df9 100644
--- a/ECMWF/README.md
+++ b/ECMWF/README.md
@@ -61,6 +61,8 @@ module load teleport
 
 # Activate the ssh-agent (required to store the key/certificate)
 ssh-agentstart
+# or
+ssh-agentreconnect
 # Check if it is running
 ssh-add -l
 ```
@@ -266,8 +268,8 @@ if you encounter a STOP or ERROR, then you can also check the gateway ([boaccess
 There are two ways to create these associations:
 
 1. via the web interface:
-   - [boaccess](https://boaccess.ecmwf.int)
-   - [imgaccess](https://ecaccess.wolke.img.univie.ac.at)
+    - using [boaccess](https://boaccess.ecmwf.int)
+    - using [imgaccess](https://ecaccess.wolke.img.univie.ac.at)
 2. via the ecaccess-webtoolkit
 
 After creating **new associations** it takes a while before they actually work (about 10min).
@@ -285,12 +287,12 @@ Steps:
 2. Go to **ECtrans setup**
 3. Click **add association** (at bottom)
 4. Fill in the association
-   - `name`
-   - `hostname` (login.img.univie.ac.at or jet01 or jet02)
-   - `directory` (`/srvfs/scratch/[USERNAME]` or something else)
-   - `comment` (giving you a hint where it drops the file sto)
-   - `login` (this is your imgw server username)
-   - `password` (this is your imgw server password)
+    - `name`
+    - `hostname` (login.img.univie.ac.at or jet01 or jet02)
+    - `directory` (`/srvfs/scratch/[USERNAME]` or something else)
+    - `comment` (giving you a hint where it drops the file sto)
+    - `login` (this is your imgw server username)
+    - `password` (this is your imgw server password)
 5. Click on _Create_
 
 Later you can also change the password for your associations.
@@ -353,9 +355,75 @@ aurora            login.img.univie.ac.at active     scratch
 $ ecaccess-association-list -gateway ecaccess.img.univie.ac.at
 jet               jet01.img.univie.ac.at active     scratch
 # send a file to both
+```
+
+### using ssh-keys
+There is another way to overcome the need to continuously changing the password in the association. It is possible to add a ssh-key to the ectrans association.
+
+Steps:
 
+1. Create a compatible ssh-key
+2. Add ssh public key (e.g. `ecmwf.pub`) to [IPA](../SSH-VPN-VNC/IPA.md#add-ssh-key)
+3. Modify the association
+
+```sh title="Create an ectrans ssh-key"
+# generate a ssh-key using the PEM format
+ssh-keygen -t rsa -m PEM -b 4096
+Generating public/private rsa key pair.
+Enter file in which to save the key (/home/user/.ssh/id_rsa): ecmwf
+Enter passphrase for "test" (empty for no passphrase):
+Enter same passphrase again:
+Your identification has been saved in test
+Your public key has been saved in test.pub
+The key fingerprint is:
+SHA256:2FIvXhZASKo/b565cUiWQsImKV63YZhhnx0ySb3Rak8 user@notebook
+The key's randomart image is:
++---[RSA 4096]----+
+|   o.=+++        |
+| o. =o*o.o       |
+|+ ++o* .= .      |
+|oo.+o oO E .     |
+| .. ..B S +      |
+|   . + + =       |
+|    o o o        |
+|     o.=         |
+|     o*.         |
++----[SHA256]-----+
+# 
 ```
 
+Add the public key to the IPA. It might take up to 10 min, before the new key is registered by the system. You can check on aurora by running: `sss_ssh_authorizedkeys $USER` 
+
+Now you can modify the association by adding your generated **private key**:
+
+``` title="Modified association"
+...
+sftp.port = "22"                                                                                 
+sftp.prefix = ""
+sftp.privateKey = "
+-----BEGIN RSA PRIVATE KEY-----
+eJaBR2f80p2qlgapAku1z+PsnY2gjdL7y6iqxnrR19L8/CnM+A2OdU+lSnBv1PS7
+VU2/nY4Al6xSJTJOrZ+k9dkyWjbixF1FCpVeNOxqJdqjtcFw/2nX8Mtp+5BOrCxg
+rTkoW31foJQL+FNf/VelOPO1xf+YSfKIUmZ7OU3LHrzDm07p0pd/Aclj7Qqf89mp
+pjqDXe7/00OuRuda6gu2Sbd4Oro+5ha9jkvfDQpV8Xj5QsLbjnxjp5+J9yUDoujq
+...
+vlN5kEeFbyB22H5QCkCF4RWVOUfudCTcPNC2DMeR7gtFwlWmxzizZuaVi5v48vP3
+8/zt0udPyCyPP2B0NOyJzrDejcvfVQ76SmLGgArjQN3jJDF7p7UausliO2R1SD/p
+jJNEf9KEDEeO3COLZrT0tcfTmAEd7OVSURdZKJTXQCPai2LTevTBYJxXHgFFly4Z
+-----END RSA PRIVATE KEY-----
+"
+sftp.sessionTimeOut = "60000"
+sftp.suffix = ".tmp"
+sftp.usetmp = "yes"
+sftp.wmoLikeFormat = "no"
+###### END-OF-PROPERTIES ######
+';
+```
+
+to either the association file or via the web interface. Then you can remove the password, but leave the `login=[USERNAME]`.
+
+More information on these details can be found [here](https://confluence.ecmwf.int/display/ECAC/Unattended+file+transfer+-+ectrans)
+
 ## ECaccess Gateway
 
 The department is running a member state ecaccess gateway service. **The purpose of an individual access server is to bridge ECMWF's network with IMGW's network.** Hence, protecting these networks. For example, you can access the JET cluster from the department ecaccess server, but not from boaccess server, but from boaccess you can accesss aurora.