The Global section is not identified by a section header and must be specified first in the acl.cfg file.
allow_guest=no | yes
guest_acl=<acl_list_name>
default_acl=<comma separated list>
Keyword | Description |
---|---|
allow_guest=no | yes |
Specifies whether a guest is allowed to connect. Guests are clients that can process a NaCl handshake, but whose public key is not in the server's authorized_keys_list file. If guests are allowed, they are by default granted the right to query. The default value is No. |
guest_acl=<acl_list_name> |
Optionally assigns one of the acl_list_names in the [acls] section to guest users. This must be specified after the allow_guest parameter. The default if not acl_list_name is specified is none. |
default_acl=<comma separated list> |
Optional comma separated list of specific access type authorizations (see below) assigned to authenticated clients that do not have an [acls] explicitly associated to them, either directly or via a Group making them by default a "Guest". |