Secure Shell UNIX domain socket redirection to Proposed Standard

lauri <> Mon, 13 December 2010 23:46 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 28D033A6E13 for <>; Mon, 13 Dec 2010 15:46:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id xxQRg3OPm-cV for <>; Mon, 13 Dec 2010 15:46:44 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id 0C1FE3A6DFA for <>; Mon, 13 Dec 2010 15:46:43 -0800 (PST)
Received: by iyi42 with SMTP id 42so20788iyi.31 for <>; Mon, 13 Dec 2010 15:48:22 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=gamma; h=domainkey-signature:mime-version:received:received:date:message-id :subject:from:to:content-type:content-transfer-encoding; bh=n1uhTUqm7UIIM3ZBRAg/ZkGN1+FLcOrREHY8Q5BFiv8=; b=eyqGZDyDt8SofTQo1c/kNM2UraM0TQfvpFVd800eu5zb+vc4sI5IQ5adJDNVptX0gy lNUrUxoENd2IcYrXDJwrDg1vXfZOSN2/BxHKmjEz+hdyKWBMtAXyiNdqVMOWiJHJLtNO vpB4NOLZUv0i6PpdRlQ8ZzJRKGv6MCcwBQvoQ=
DomainKey-Signature: a=rsa-sha1; c=nofws;; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type :content-transfer-encoding; b=qY5SllQspWxOrPu+xDU4fcQGa3W4r9rqRpo31P8hNJUcrGTLkPMC5VGrvWo7ABDHJx s18ZrF64gqYh3plPLj6KFYeUdB7+jRVWy7VWoUPw7bCZorsjx3Z759Rvb+WnrKfHaoae Rw4tR/qJNxlJtjhR7Ksu8TUtK+fxEls4SAA+c=
MIME-Version: 1.0
Received: by with SMTP id y5mr2481876ibd.180.1292284101975; Mon, 13 Dec 2010 15:48:21 -0800 (PST)
Received: by with HTTP; Mon, 13 Dec 2010 15:48:21 -0800 (PST)
Date: Tue, 14 Dec 2010 01:48:21 +0200
Message-ID: <>
Subject: Secure Shell UNIX domain socket redirection to Proposed Standard
From: lauri <>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
X-Mailman-Approved-At: Wed, 15 Dec 2010 10:12:49 -0800
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF-Discussion <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 13 Dec 2010 23:48:05 -0000

Good evening,

on GNU/Linux boxes there are many services which use UNIX domain
sockets for inter-process communication. Most of them also support TCP
sockets, but that needs additional code for authentication.

There used to be streamlocal patch which implemented UNIX domain
socket redirection for OpenSSH but now it seems to be dead:

Generally I think it would be good idea to have UNIX domain socket
redirection in Secure Shell standard because the difference between
TCP/IP redirection code and the one used for UNIX domain sockets is
minor. The feature would benefit many LTSP deployments and other
installations aswell.

Blogpost related to the lack of UNIX domain socket redirection in
Secure Shell standard can be found here:

Lauri Võsandi
tel: +372 53329412
company: Povi Software OÜ (