self_hostname server.fqdn.local
ca_cert_path /path/to/certificate/ca_cert.pem
ca_private_key_path /path/to/certificate/ca_key.pem
ca_private_key_passphrase passphrase_for_private_CA_secret_key
allow_anonymous_source no # Allow to accept from nodes of <client>
authentication yes # Deny clients without valid username/password
host 192.168.10.30 # allow all users to connect from 192.168.10.30
users tagomoris,frsyuki # deny repeatedly from 192.168.10.31
shared_key less_secret_string # limited shared_key for 192.168.10.32
users repeatedly # and repeatedly only