Manualshelf

HP-UX iSCSI Software Initiator Support Guide, HP-UX 11i v1 and 11i v2, July 2005

ManualsBrandsHP ManualsSoftwareHP-UX iSCSI (SCSI Over TCP/IP) Software
41424344454647484950
Chapter 4
Configuration
Challenge-Handshake Authentication Protocol (CHAP) Configuration
44
NOTE Currently, AuthMethod is one of the three iSCSI login keys that may be configured by the user
on a per target basis. The default value for AuthMethod is “None”. If you want to configure
AuthMethod on a per target basis, see “Authentication Method Configuration Examples” on
page 84.
Two authentication options are available if CHAP is chosen as the authentication method:
Uni-directional CHAP method:
The target uses CHAP to authenticate the initiator. The initiator does not authenticate the target.
The Uni-directional CHAP method does not require the use of the iradd daemon (iSCSI CHAP daemon).
It also does not require configuration of a RADIUS server on the host (initiator) side.
The default CHAP method is Uni-directional.
Bi-directional CHAP method:
The target uses CHAP to authenticate the initiator. The initiator uses CHAP to authenticate the target.
The Bi-directional CHAP method requires the use of the iradd daemon (iSCSI CHAP daemon), as well as
the configuration of a RADIUS server on the host (initiator) side.
The initiator authentication method and related attributes are configured using iscsiutil and stored
persistently across reboots.
Configuring CHAP Authentication Uni-directional
The following examples illustrate configuration of CHAP once it has been selected as the authentication
method that will be used.
(1) Configure for the Uni-directional authentication method:
# iscsiutil -u -H <chap-authentication-type> [-T <target-name>] [-I <ip-address>] [-P <tcp-port>] [-M
<portal-grp-tag>]
To configure Uni-directional authentication on a global basis:
# iscsiutil -u -H CHAP_UNI
To configure Uni-directional authentication for a particular Discovery Target Address:
# iscsiutil -u -H CHAP_UNI -I 192.1.1.10 -M 3
To configure Uni-directional authentication for a particular Operational Target:
# iscsiutil -u -H CHAP_UNI -T iqn.2003-11.com.hp.stor:iSCSI
To configure Uni-directional authentication for a particular Operational Target Address:
# iscsiutil -u -H CHAP_UNI -T iqn.2003-11.com.hp.stor:iSCSI -I 192.1.1.1 -P 5000 -M 1
(2) Configure the CHAP initiator username: