How to enable CHAP to restrict access to volumes

How to enable CHAP to restrict access to volumes


Applies to:


Operating Systems - RHEL 5.x, RHEL 6.x, OL 5.x, OL 6.x, Oracle VM 2.x
Platform - Applies to all Dell PowerEdge Servers


Problem:


How do I enable CHAP to restrict access to volumes?


Solution:


In this article we we will discuss how to setup CHAP authentication at the operating system level. For information regarding configuring CHAP on the EqualLogic array, please visit:
http://www.equallogic.com/resourcecenter/assetview.aspx?id=5317

Once you have created your local CHAP user account on the EqualLogic array and have restricted access to your specific volumes, we must now enable our operating system to login those particular targets.

The first step in enabling CHAP is to edit the following file:
/etc/iscsi/iscsid.conf

Within the /etc/iscsi/iscsid.conf file, find the "CHAP Settings" section and uncomment the following lines and add the proper credentials for username and password that you originally set in your EqualLogic array.

# *************

# CHAP Settings

# *************

# To enable CHAP authentication set #node.session.auth.authmethod to CHAP. The default is None.

node.session.auth.authmethod = CHAP

# To set a CHAP username and password for initiator #authentication by the target(s), uncomment the following #lines:

node.session.auth.username = username

node.session.auth.password = password

# To enable CHAP authentication for a discovery session to the target

# set discovery.sendtargets.auth.authmethod to CHAP. The #default is None.

discovery.sendtargets.auth.authmethod = CHAP

# To set a discovery session CHAP username and password for #the initiator authentication by the target(s), uncomment #the following lines:

discovery.sendtargets.auth.username = username

discovery.sendtargets.auth.password = password

Once you have made these changes save the file, and restart your iSCSI service with the following command:
#service iscsi restart

Once your iscsi service has been restarted, follow section 3.2.1.1 How do I discover, login, and logout iSCSI targets? to login your iSCSI volumes.

The direct link to that wiki article can be found here:

http://en.community.dell.com/dell-groups/enterprise_solutions/w/oracle_solutions/3-2-1-1-2-how-do-i-discover-login-and-logout-iscsi-targets.aspx


Article ID: SLN310169

Last Date Modified: 08/14/2018 02:06 AM


Rate this article

Accurate
Useful
Easy to understand
Was this article helpful?
Yes No
Send us feedback
Comments cannot contain these special characters: <>()\
Sorry, our feedback system is currently down. Please try again later.

Thank you for your feedback.