[Bug 3895] New: Documentation for StreamLocalBindUnlink / StreamLocalBindMask should be improved

Fri Nov 14 01:47:56 AEDT 2025

https://bugzilla.mindrot.org/show_bug.cgi?id=3895

            Bug ID: 3895
           Summary: Documentation for StreamLocalBindUnlink /
                    StreamLocalBindMask should be improved
           Product: Portable OpenSSH
           Version: -current
          Hardware: All
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: Documentation
          Assignee: unassigned-bugs at mindrot.org
          Reporter: mschroeder at geomar.de

I'd like to request a documentation improvement regarding the options
StreamLocalBindUnlink and StreamLocalBindMask.

At the moment, the text for these options is identical in ssh_config
and sshd_config, even though the two settings affect different sides of
the connection:

In ssh_config, these options influence only client-side Unix-domain
socket creation.

In sshd_config, they influence only server-side socket creation.

This might seem obvious, but in fact this has caused repeated confusion
among users. In discussions, multiple people suggested setting
StreamLocalBindUnlink yes in ssh_config to remove server-side socket
files for remote forwards.

This misunderstanding seems common enough that clearer documentation
would help prevent future mistakes.

Maybe the following phrasing would work?

StreamLocalBindUnlink: Specifies whether to remove an existing
[server-side / client-side] Unix-domain socket file...

-- 
You are receiving this mail because:
You are watching the assignee of the bug.