Authenticating the client

The server must authenticate clients

Depending on protocol, this may occur over crypto layer.  If so
Authentication info can be stored on server
In clear
As one-way-hash (MD5, SHA-1, crypt(), etc)
No need for challenge/response authentication
Otherwise, authentication must be challenge/response based
Authentication would need to be by pubkey-style auth, or
PSK (preshared key) would need to be available on server