Security & Access Control

Ghostunnel enforces mutual TLS by default. This section covers the TLS settings (protocol versions, cipher suites, sandboxing) and shows how to configure access control rules to determine which peers are permitted.

General Security

Landlock sandboxing, TLS protocol settings, cipher suites, address restrictions.

Access Control Flags

Control which clients or servers are allowed to connect based on certificate fields (CN, OU, DNS/URI SAN) or OPA policies.