2015年3月18日 星期三

iSCSI CHAP

http://blog.csdn.net/sinchb/article/details/8433994#t10

1.What is CHAP?

Challenge-Handshake Authentication Protocol
iSCSI initiators and targets prove their identity to each other using the CHAP protocol, which includes a mechanism to prevent cleartext passwords from appearing on the wire.

2. iSCSI support two tpye chap authentication:

Initiator authentication和Target authentication

2.1 Initiator authentication

    When initiator(SUT) connect to target, initator should provide user name and password to target. The user name which initiator provdie is "incoming" account.
 Initiator authentication can  authentication independently, it call " Uni-directional Authentication",One way authentication

2.2 target authentication

    When initiator connect to target, target should provide user name and password to initiator. Tis is "outcoming" account

    target authentication have to authentication on both  initiator and target , it call " Bi-directional Authentication",Mutual  authentication
    iSCSI CHAP password length requirement must have 12~16 words

沒有留言:

張貼留言