nixCraft 🐧Sep 27, 2025

SSH3 is a new, faster SSH protocol built on top of HTTP/3 (QUIC + TLS 1.3). It offers several key advantages over classic SSH such as: Faster session setup, Supports modern authentication methods like OAuth 2.0 and OpenID Connect, alongside traditional methods, enhanced security by being invisible to port scanning attacks, and more.

https://github.com/francoismichel/ssh3

GitHub - francoismichel/ssh3: SSH3: faster and rich secure shell using HTTP/3, checkout our article here: https://arxiv.org/abs/2312.08396 and our Internet-Draft: https://datatracker.ietf.org/doc/draft-michel-ssh3/

SSH3: faster and rich secure shell using HTTP/3, checkout our article here: https://arxiv.org/abs/2312.08396 and our Internet-Draft: https://datatracker.ietf.org/doc/draft-michel-ssh3/ - francoismi...

GitHub
Show threadThomas B. RückerSep 27, 2025
@nixCraft this piqued my interest, but I came to realize:
This seems stalled and hasn't seen development. The IETF draft expired. https://datatracker.ietf.org/doc/draft-michel-remote-terminal-http3/
Also it's not SSH in the classic sense and they were working on a final name.
Finally, clearly marked as not production ready.
Remote terminal over HTTP/3 connections

The secure shell (SSH) traditionally offers its secure services over an insecure network using the TCP transport protocol. This document defines mechanisms to access remote terminals by running the SSH Connection protocol over HTTP/3 using Extended CONNECT. Remote terminals over HTTP/3 enables additional benefits such as the scalability offered by HTTP multiplexing, relying on TLS for secure channel establishment leveraging X.509 certificates, HTTP Authentication schemes for client and server authentication, UDP port forwarding and stronger resilience against packet injection attacks and middlebox interference.

IETF Datatracker
Show threadThomas B. Rücker
@nixCraft Dug a little bit deeper. The project seems to have dropped dead at the exact time the main person behind it switched from PhD at university to working for Apple.
This thing is not going anywhere.
Sep 27, 2025 at 7:56pmWeb