How to Configure iSCSI CHAP secrets with E-Series on a Linux Host
- Last Updated:
- Netapp E-Series
- CHAP, Challenge Handshake Authentication Protocol, is a 3-way handshake between two devices in a network to ensure security.
- Used with Ethernet-based authentication.
- CHAP can be either a One-way Authentication CHAP or a bidirectional CHAP.
- One-way (Target) Authentication CHAP
- The initiator device validates the target.
- Initiator and target save a local secret.
- These secrets produce a one-way hash.
- Two-way (Mutual) Authentication CHAP
- Same as One-way Authentication but will then have the target validate the initiator.
- Can only be configured after One-way Authentication CHAP has been configured.
- Similar secret configuration to One-way Authentication CHAP
- Adds an additional secret that must be different than the One-way Authentication secret.