Exactly Ulrich,there can be a better approach.
I am now having iscsiadm version 2.0-870,but still I am having a
problem in case of 2 targets having different NODE authentication.

My scenario

Suppose 2 targets (having different NODE AUTHENTICATION,assuming same
DISCOVERY AUTHENTICATION) from same target machine(say 30.12) are
logged in.I set up node.startup=automatic in both cases.

My observation

If I restart initiator machine,re-login can be possible in case of
last logged in target only,not both of them.

Steps performed

1. Discover machine using -o new -o delete->Enter Node credentials for
1st target from the list shown->Discovery again as iscsid.conf is now
having node credentials of target1->login to target1->making

2. Discover machine using -o new -o delete->Enter different Node
credentials for 2nd target from the list shown->Discovery using -o
update as iscsid.conf is now having node credentials of target2->login
to target2->making node.startup=automatic
(using -o update overwrites my node.startup setting of target1,so I
have to again make node.startup of target1 to automatic.without -o
update,it wont allow me to login as I need to change iscsid.conf to
target2's credentials.)

My conclusion
Basically all this problem might be because of single iscsid.conf
file.It should be different for every logged in target.Then only I can
have all previous credentials stored.

On Apr 30, 12:31 pm, "Ulrich Windl" <ulrich.wi...@rz.uni-
regensburg.de> wrote:
> On 29 Apr 2009 at 11:25, Mike Christie wrote:
> > Ulrich Windl wrote:
> > > On 28 Apr 2009 at 7:10, HIMANSHU wrote:
> > >> One more question analogues to this.
> > >> Suppose I login to 1st target from machine 30.12,it was having node
> > >> authentication.so I saved its credentials in iscsid.conf and then I
> > >> fired the discovery command followed by login command.It was
> > >> successful and those credentials also got stored in nodes and
> > >> send_targets.
> > >> Then if I want to login to 2nd target which is also having node
> > >> authentication from same machine,I am overwriting same iscsid.conf
> > >> file.So I am loosing my previous credentials from iscsid.conf.Also
> > >> after discovery,I am loosing previous target information from nodes
> > >> and send_targets.
> > > Hi,
> > > I'm no expert, but I think the credentials are stored per node/target in 
> > > the
> > > "iSCSI database" (like /etc/iscsi/send_targets/* and 
> > > /etc/iscsi/nodes/*/*).
> > Yeah, that is correct. When you run the discovery command or manual
> > addition command, iscsiadm will read iscsid.conf and use those for the
> > initial defaults for what gets created in those dirs. You can then
> > change what is in those dirs using iscsiadm -m node -o update....
> > > /etc/iscsi.conf just has the defaults. Probably it would be better to 
> > > never touch
> > > the iscsid.conf, but provide auth information when discovering targets or 
> > > loggin
> > > in to nodes/targets. However then the "secrets" would be on the command 
> > > line (and
> > > process list, etc).
> > I was thinking he has a issue where one target needs one set of CHAP
> > values for the discovery session, then they need another set of CHAP
> > values for another discovery session to another target. For this type of
> > setup, you have to edit iscsid.conf, run iscsiadm -m discovery ..., then
> > edit iscsid.conf again and then run iscsiadm -m discovery ... to the
> > other target.
> Hi,
> That sounds like a workaround for some design deficit. Why not have a more
> flexible approach like ~/.netrc (a file that stores authentication 
> information for
> several systems, keeping secrets away from the command line and the process 
> list).
> I mean an option for discovery like 
> "--credentials-file=~/iscsi-credentials-for-
> ...". You get the idea?
> Regards,
> Ulrich
You received this message because you are subscribed to the Google Groups 
"open-iscsi" group.
To post to this group, send email to open-iscsi@googlegroups.com
To unsubscribe from this group, send email to 
For more options, visit this group at http://groups.google.com/group/open-iscsi

Reply via email to