Adding CHAP authenticated iSCSI storage to a Proxmox VE 9.1.1 cluster node

Adding CHAP authenticated iSCSI storage to a Proxmox VE 9.1.1 cluster node

- Install iSCSI subsystem on node if not present
Datacenter\proxmox6290\Shell
apt install open-iscsi
- Check iSCSI server is discoverable
iscsiadm -m discovery -t st -p 192.168.0.124
- Add datacenter storage iSCSI for node
Datacenter\Storage\Add iSCSI
If "Use LUNs directly" is checked the iSCSI target will be used as a raw block device.
If "Use LUNs directly" is unchecked the iSCSI target will be used via a standard file system.
- Prevent iscsi-raid5-reserve from popping up on another node and causing chaos
nano /etc/iscsi/nodes/no-auto-discovery
- Configure and validate iSCSI authentication for target iSCSI server
-- Create configuration
On node proxmox6290.missing.com
Check initiator name:
nano /etc/iscsi/initiatorname.iscsi
Check specific global settings are not set.
nano /etc/iscsi/iscsid.conf
Create the setup-iscsi-chap script.
nano /usr/local/bin/setup-iscsi-chap.sh

#!/bin/bash
# Persistent iSCSI CHAP setup for Proxmox 9.1.1

sleep 5 # Wait for network

# Target 1: 192.168.0.124
TARGET1="iqn.2026-03.com.missing:storage.raid5.portal124"
PORTAL1="192.168.0.124:3260"

# Configure auth for target 1
iscsiadm -m node -T $TARGET1 -p $PORTAL1 \
-o update -n node.session.auth.authmethod -v CHAP 2[larger than]/dev/null
iscsiadm -m node -T $TARGET1 -p $PORTAL1 \
-o update -n node.session.auth.username -v rolf 2[larger than]/dev/null
iscsiadm -m node -T $TARGET1 -p $PORTAL1 \
-o update -n node.session.auth.password -v REHE764sdb6471 2[larger than]/dev/null
iscsiadm -m node -T $TARGET1 -p $PORTAL1 \
-o update -n node.session.auth.username_in -v mut_rolf 2[larger than]/dev/null
iscsiadm -m node -T $TARGET1 -p $PORTAL1 \
-o update -n node.session.auth.password_in -v PR5V32nmw877 2[larger than]/dev/null
iscsiadm -m node -T $TARGET1 -p $PORTAL1 \
-o update -n node.startup -v automatic 2[larger than]/dev/null

# Login to target 1
iscsiadm -m node -T $TARGET1 -p $PORTAL1 -l 2[larger than]/dev/null

# Copy "Target 1" block from above to add new target

echo "iSCSI CHAP configuration applied"

Make executable

chmod +x /usr/local/bin/setup-iscsi-chap.sh

Create service file

nano /etc/systemd/system/iscsi-chap.service

[Unit]
Description=Persistent iSCSI CHAP Authentication
After=network-online.target open-iscsi.service
Wants=network-online.target

[Service]
Type=oneshot
ExecStart=/usr/local/bin/setup-iscsi-chap.sh
RemainAfterExit=yes

[Install]
WantedBy=multi-user.target

Enable service

systemctl daemon-reload
systemctl enable iscsi-chap.service
systemctl start iscsi-chap.service

Add to crontab (runs every minute, checks if connected)

crontab -e

Add this line:

* * * * * /usr/local/bin/setup-iscsi-chap.sh [larger than]/dev/null 2[larger than]&1

Run manually first

/usr/local/bin/setup-iscsi-chap.sh
Check sessions
iscsiadm -m session
Check auth settings
iscsiadm -m node -T iqn.2026-03.com.missing:storage.raid5.portal124 \
-p 192.168.0.124:3260 \
-o show -n node.session.auth.authmethod
Reboot and test
reboot
After reboot, check again
iscsiadm -m session
Look for iSCSI disks:
ls -la /dev/disk/by-path/ | grep iscsi
lsblk
Check Proxmox
Server View\Datacenter\proxmox6290\Disk icon iscsi-raid5-portal124

Buy me a coffee https://www.buymeacoffee.com/thetechrabbit
YouTube https://youtube.com/c/TheTechRabbit
Facebook https://www.facebook.com/thetechrabbit
PayPal donations https://www.paypal.me/TheTechRabbit
Instagram thetechrabbit

I am currently not sponsored in any way by the product manufacturer or resellers.

Видео Adding CHAP authenticated iSCSI storage to a Proxmox VE 9.1.1 cluster node канала The Tech Rabbit