2.8. Managing CHAP Accounts for Virtuozzo Storage iSCSI Targets

Virtuozzo Storage allows you to restrict access to iSCSI targets by means of CHAP authentication.

To make use of CHAP authentication, you need to:

  1. Create a CHAP account.
  2. Create an iSCSI target bound to this CHAP account.

These actions are described in detail in the following subsections.

2.8.1. Creating CHAP Accounts for Virtuozzo Storage iSCSI Targets

To create a CHAP account, use the vstorage-iscsi account-create command. For example, to create the CHAP account user1:

# vstorage-iscsi account-create -u user1
Enter password:
Verify password:

2.8.2. Creating Virtuozzo Storage iSCSI Targets Bound to CHAP Accounts

To create a Virtuozzo Storage iSCSI target bound to a CHAP account, use the vstorage-iscsi create command with the additional -u option. For example, create a target bound to the CHAP account user1:

# vstorage-iscsi create -n test1 -a 192.168.10.100 -u user1
IQN: iqn.2014-04.com.vstorage:test1

2.8.3. Changing the CHAP Account Password

To change the password of a CHAP account, use the vstorage-iscsi account-set command. For example, to change the password of the CHAP account user1:

# vstorage-iscsi account-set -u user1
Enter password:
Verify password:

The new password will become active after target reboot.

2.8.4. Listing CHAP Accounts and Virtuozzo Storage iSCSI Targets Assigned to Them

To list existing CHAP accounts, use the vstorage-iscsi account-list command. For example:

# vstorage-iscsi account-list
user1

To list Virtuozzo Storage iSCSI targets assigned to a specific CHAP account, use the vstorage-iscsi account-list command with the -u option. For example, to list iSCSI targets assigned to the CHAP account user1:

# vstorage-iscsi account-list -u user1
iqn.2014-04.com.vstorage:test1