diff --git a/lib/sorting-hat.js b/lib/sorting-hat.js
index e8fdbd6..35bf2f1 100644
--- a/lib/sorting-hat.js
+++ b/lib/sorting-hat.js
@@ -63,11 +63,17 @@ module.exports.assign = function (state, tun, cb) {
   function trySsh(tun, cb) {
     // https://security.stackexchange.com/questions/43231/plausibly-deniable-ssh-does-it-make-sense?rq=1
     // https://tools.ietf.org/html/rfc4253#section-4.2
-    if (false === state.config.ssh_auto || 'SSH-2.0-' !== tun.data.slice(0, 8).toString()) {
+    var sshPort;
+    if (-1 !== ['true', 'enable', 'auto', 'on'].indexOf(state.config.sshAuto)) {
+      sshPort = 22;
+    } else {
+      sshPort = parseInt(state.config.sshAuto, 10);
+    }
+    if (!sshPort || 'SSH-2.0-' !== tun.data.slice(0, 8).toString()) {
       cb(null, false);
       return;
     }
-    cb(null, getNetConn(state.config.sshPort || 22));
+    cb(null, getNetConn(sshPort));
   }
 
   var handlers = {};
@@ -224,6 +230,7 @@ module.exports.assign = function (state, tun, cb) {
     });
     return conn;
   }
+  var handlerservers = {};
   function invokeHandler(conf, tlsSocket, tun, id) {
     var conn;
     if (parseInt(conf.handler, 10)) {
@@ -239,6 +246,18 @@ module.exports.assign = function (state, tun, cb) {
     var handlerpath = conf.handler;
     var homedir = os.homedir();
     var localshare = path.join(homedir, '.local/share/telebit/apps');
+    var http = require('http');
+
+    // 1. No modification handlerpath may be an aboslute path
+    // 2. it may be relative to a user home directory
+    // 3. it may be relative to a user local/share
+
+    tlsSocket._tun = tun;
+    tlsSocket._id = id;
+    if (handlerservers[conf.handler]) {
+      handlerservers[conf.handler].emit('connection', tlsSocket);
+      return;
+    }
 
     if (/^~/.test(handlerpath)) {
       handlerpath = path.join(homedir, handlerpath.replace(/^~(\/?)/, ''));
@@ -247,19 +266,26 @@ module.exports.assign = function (state, tun, cb) {
     try {
       handler = require(handlerpath);
       console.info("Handling '" + handle + ":" + id + "' with '" + handlerpath + "'");
-      handler(tlsSocket, tun, id);
     } catch(e1) {
       try {
         handler = require(path.join(localshare, handlerpath));
         console.info("Handling '" + handle + ":" + id + "' with '" + handlerpath + "'");
-        handler(tlsSocket, tun, id);
       } catch(e2) {
         console.error("Failed to load '" + handlerpath + "':", e1.message);
         console.error("Failed to load '" + path.join(localshare, handlerpath) + "':", e2.message);
         console.warn("Using default handler for '" + handle + ":" + id + "'");
-        handlers.https(tlsSocket, tun, id);
+        handler = null;
+        // fallthru
       }
     }
+
+    if (handler) {
+      handlerservers[conf.handler] = http.createServer(handler);
+      handlerservers[conf.handler].emit('connection', tlsSocket);
+      return;
+    }
+
+    handlers.https(tlsSocket, tun, id);
   }
 
   function terminateTls(tun, cb) {
diff --git a/usr/share/install_helper.sh b/usr/share/install_helper.sh
index 7c80830..4b29340 100644
--- a/usr/share/install_helper.sh
+++ b/usr/share/install_helper.sh
@@ -82,7 +82,7 @@ fi
 
 echo "Installing $my_name to '$TELEBIT_PATH'"
 # v10.2+ has much needed networking fixes, but breaks ursa. v9.x has severe networking bugs. v8.x has working ursa, but requires tls workarounds"
-NODEJS_VER="${NODEJS_VER:-v10.3}"
+NODEJS_VER="${NODEJS_VER:-v10.2}"
 export NODEJS_VER
 export NODE_PATH="$TELEBIT_PATH/lib/node_modules"
 export NPM_CONFIG_PREFIX="$TELEBIT_PATH"