SSH3: Faster and rich secure shell using HTTP/3
4 hours ago
- #SSH3
- #HTTP/3
- #Security
- SSH3 is a new protocol revisiting SSH semantics over HTTP/3, offering faster session establishment and modern authentication methods.
- Key features include QUIC+TLS1.3 for security, OAuth 2.0/OpenID Connect for authentication, and UDP port forwarding.
- SSH3 servers can be hidden behind secret URLs to avoid detection by attackers, enhancing security.
- The protocol supports X.509 certificates for server authentication, similar to HTTPS, improving security over SSHv2 host keys.
- SSH3 is experimental, requiring further security review before production use, and encourages community feedback.
- Installation involves compiling from source or using Go, with detailed setup instructions for servers and clients.
- OpenID Connect allows logging in via Google/Microsoft/Github accounts, streamlining authentication without traditional keys.
- Proxy jump functionality enables secure connections through gateways without exposing traffic to intermediaries.