[stgt] authentication by initiator's name
yasumoto.shuko at jp.fujitsu.com
Fri Jun 17 08:46:34 CEST 2011
Thank you for the quick response.
I just started to learn how to create linux kernel style patch.
I will send the patch later (may be next week).
On Fri, 17 Jun 2011 15:31:22 +0900
FUJITA Tomonori <fujita.tomonori at lab.ntt.co.jp> wrote:
> On Fri, 17 Jun 2011 15:17:34 +0900
> Shuko Yasumoto <yasumoto.shuko at jp.fujitsu.com> wrote:
> > > I think that malicious users can forge initiator names. How this
> > > feature can be useful?
> > I understand that initiator names can be changed easily so security
> > of this feature might poor than IP authentication.
> > But the case " malicious users can forge initiator names " can protect
> > by combination with CHAP authentication and my idea is providing this
> > feature in addition to IP authentication.
> > I think the usage of this feature is same as IP authentication
> > but there is only difference in the following usage.
> > Usage : There is a server which has multiple NICs, user must check
> > which IP is connected to targets and then register one IP
> > to targets.
> > If this feature is available, user just register an initiator
> > name instead.
> > Based on RFC 3721, I think initiator name is useful for this
> > purpose.
> > ===
> > An iSCSI Name is a location-independent, permanent identifier for
> > an iSCSI node. An iSCSI node has one iSCSI name, which stays
> > constant for the life of the node. The terms "initiator name"
> > and "target name" also refer to an iSCSI name.
> > ===
> > Background for this proposal is:
> > - Above usage.
> > - Many storage vendors use the feature, authentication by initiator name.
> > I highly appreciate if you give me comments on this.
> I see. Can you send a patch in the proper format (in Linux kernel
> style, see doc/README)? Then I can review and merge it.
> To unsubscribe from this list: send the line "unsubscribe stgt" in
> the body of a message to majordomo at vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
To unsubscribe from this list: send the line "unsubscribe stgt" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
More information about the stgt