Look at Simple telnet-like password authentication and Simple mutual challenge-response password authentication for examples of authentication exchanges.