1.What is CHAP?
Challenge-Handshake Authentication Protocol
iSCSI initiators and targets prove their identity to each other using the CHAP protocol, which includes a mechanism to prevent cleartext passwords from appearing on the wire.
2. iSCSI support two tpye chap authentication:
Initiator authentication和Target authentication
2.1 Initiator authentication:
When initiator(SUT) connect to target, initator should provide user name and password to target. The user name which initiator provdie is "incoming" account.
Initiator authentication can authentication independently, it call " Uni-directional Authentication",One way authentication
2.2 target authentication:
When initiator connect to target, target should provide user name and password to initiator. Tis is "outcoming" account
target authentication have to authentication on both initiator and target , it call " Bi-directional Authentication",Mutual authentication
iSCSI CHAP password length requirement must have 12~16 words
沒有留言:
張貼留言