Why Aren't We Using SSH For Everything?

An anonymous reader writes: A post at Medium asks why, in this age of surveillance and privacy-related bogeymen, we aren't making greater use of SSH for our secure computing needs?

"SSH is one of the most accessible secure protocols ever, second only to HTTPS of course. Let's see what we have so far: Binary protocol, mandatory encryption, key pinning, multiplexing, compression (yes, it does that too). Aren't these the key features for why we invented HTTP/2?

Admittedly, SSH is missing some pieces. It's lacking a notion of virtual hosts, or being able to serve different endpoints on different hostnames from a single IP address. On the other hand, SSH does have several cool features over HTTP/2 though, like built-in client authentication which removes the need for registration and remembering extra passwords."

Because no.

>Admittedly, SSH is missing some pieces

Should read, "Admittedly, SSH is missing some crucial features, that make its use in this context impossible."

Windows

[Lennie]

If anything is missing, it's probably only missing on Windows.

Support on Linux and Mac is jut fine, I think.

Windows:
- client support is kind of OK
- virtual filesytem support is kind of OK

The biggest missing solution:
- Windows server support. There are some expensive solutions, not sure how well they work.

Cygwin works fine.

[ron_ivi]

I know back in 1995 when Cygwin came out it got a reputation of being pretty flakey.

But it's come a long way in the last 2 decades.

These days, pretty much any time you think you have a "hmm, Linux can do this but I don't know how to do it on Windows", Cygwin is probably a very good possibility.

Re:Because it's not safe either

Despite the similarity of the names, OpenSSH and OpenSSL are maintained by entirely different teams. Of note is that the organization which maintains OpenSSH recently forked OpenSSL into LibreSSL which, once it stabilizes, is expected to behave more safely.