The storage server uses the Challenge Handshake Authentication Protocol (CHAP) to authenticate iSCSI initiators. CHAP requires a “shared secret” known by the initiator and the target. The server also supports mutual authentication where, in addition to the initiator authenticating against the target on the server, the server must also authenticate against the initiator.
To facilitate the mutual authentication process, the server must maintain a list of the initiators with which it can authenticate and the shared secret for each initiator.