Manualshelf

HP-UX iSCSI Software Initiator Support Guide, HP-UX 11i v1 and 11i v2, July 2005

ManualsBrandsHP ManualsSoftwareHP-UX iSCSI (SCSI Over TCP/IP) Software
41424344454647484950
Chapter 4
Configuration
Challenge-Handshake Authentication Protocol (CHAP) Configuration
43
Challenge-Handshake Authentication Protocol (CHAP)
Configuration
Challenge-Handshake Authentication Protocol (CHAP) is an authentication protocol that defines a
methodology for authenticating initiators and targets. If you do not intend to use CHAP for authentication,
this aspect of the iSCSI Software Intitator configuration is not necessary and can be ignored.
The iSCSI Software Initiator has visible system administration interactions with the Challenge-Handshake
Authentication Protocol (CHAP). The iSCSI Software Initiator running on HP-UX can use CHAP optionally,
for authentication. The user is expected to understand the CHAP authentication method prior to its use.
CHAP software is not part of the iSCSI Software Initiator.
The configuration of a RADIUS server and CHAP configuration on an iSCSI Target, is beyond the scope of
this document. However, the following documentation will help you to understand the CHAP protocol and the
RADIUS server installation.
NOTE CHAP is currently the only authentication method supported by the iSCSI Software Initiator.
Configure the AuthMethod key with "CHAP,None" as the value for all Targets:
# iscsiutil -t authmethod CHAP None
During the next login negotiation, the iSCSI Software Initiator proposes "CHAP,None" (in its order of
preference) to the iSCSI target for the AuthMethod login key.
The target MUST respond with the first value that it supports. The target is expected to respond to the
initiator with "CHAP" for the AuthMethod login key (provided CHAP is configured properly on the target). If
the target responds with "CHAP", CHAP will be chosen as the authentication method. If the target responds
with "None", authentication will not be performed.
Table 4-1 CHAP and RADIUS Server Documentation
Description url
CHAP information (RFC 1994) http://www.ietf.org/rfc/rfc1994.txt
RADIUS server documentation
information (RFC 2865)
http://www.ietf.org/rfc/rfc2865.txt
RADIUS server installation
information
http://www.software.hp.com
-click on “security and
manageability”
- click on “HP-UX aaa server