The History of SSH
From a password-sniffing attack in Helsinki in 1995 to the first QUIC experiments in 2019 — the full story of how SSH evolved, and where it is going next.
The Birth of SSH
Tatu Ylönen, a researcher at Helsinki University of Technology, discovers a password-sniffing attack on the university network. Passwords for thousands of accounts were captured. Within months, he designs and releases SSH-1 as a secure replacement for rlogin, telnet, and rsh — protocols that transmitted credentials in plaintext. By the end of 1995, SSH has 20,000 users across 50 countries.
Port 22 — A Strategic Choice
Ylönen requests port 22 from IANA, deliberately positioning it between telnet (port 23) and FTP (port 21). The placement was symbolic: SSH was designed to replace both insecure protocols, and sitting between them in the port namespace signaled exactly that. Port 22 is assigned to TCP — the only transport that matters in 1995. Thirty-one years later, a new implementation would reclaim the same port number over UDP, and the two would run side by side on the same server without conflict. The number stays. The transport changes.
OpenSSH
The OpenBSD project forks the last open-source version of the SSH codebase (v1.2.12) and creates OpenSSH. It ships with virtually every Unix-like operating system and becomes the dominant SSH implementation worldwide. OpenSSH 2.0 (June 2000) adds support for the SSH-2 protocol alongside SSH-1.
SSH-2 Becomes an IETF Standard
The IETF publishes SSH-2 as a proposed standard (RFC 4251–4256). SSH-2 is a complete redesign: separate transport, authentication, and connection protocol layers. It fixes fundamental cryptographic weaknesses in SSH-1's cipher design and becomes the baseline for all modern SSH implementations.
Heartbleed (CVE-2014-0160)
A critical buffer over-read vulnerability in OpenSSL's TLS heartbeat extension is disclosed, affecting approximately 17% of all SSL-protected servers worldwide. While SSH itself is not directly vulnerable, the incident triggers an industry-wide audit of cryptographic infrastructure and accelerates adoption of modern TLS and key management practices.
The First SSH-over-QUIC Proof of Concept
Manfred Touron (github.com/moul), a prolific French open-source developer and serial Go contributor, publishes the first known proof-of-concept for SSH tunneled over QUIC. Released in July 2019, his Go implementation demonstrates something the networking community had suspected but never confirmed: the SSH protocol's channel model maps naturally onto QUIC's multiplexed streams. A single QUIC connection can carry an interactive shell, an scp file transfer, and a port-forward tunnel simultaneously — each as an independent stream — with no head-of-line blocking between them. The project is small, experimental, and intentionally rough, but it plants a clear seed: SSH-over-QUIC is not just theoretically sound, it is practically buildable with the tooling that exists today.
SSH3: An Academic Push for a New Standard
François Michel, a doctoral researcher at UCLouvain in Louvain-la-Neuve, Belgium, publishes SSH3 — an ambitious reimplementation of SSH layered over HTTP/3 and QUIC. Michel's approach goes further than Touron's tunnel: SSH3 replaces the entire SSH wire protocol with HTTP/3 framing and QUIC streams, allowing SSH sessions to traverse corporate firewalls and CDN infrastructure that pass HTTPS traffic freely. Written in Go, the project generates genuine excitement on GitHub and produces an academic paper submitted to IEEE. It proves that modern transport can make SSH dramatically more deployment-friendly. However, practical adoption stumbles: retrofitting HTTP/3 framing into existing SSH clients and servers requires invasive changes, and without broad institutional backing the contributor base remains thin. The last commit lands in September 2024, leaving SSH3 as an important research artifact that clarified the design space without reaching production.
QUICSSH — A Production-Focused Standard
Running in parallel with Michel's academic work, a group of Linux systems developers, network security engineers, and open-source practitioners reach a different conclusion: the path to production is not replacing the SSH protocol, but replacing its transport. QUICSSH is founded on the principle that SSH's authentication model, channel semantics, and tooling ecosystem are worth preserving — what needs to change is the fragile TCP underpinning. The team makes a deliberate architectural bet: Go for the client and control-plane, where developer velocity and cross-platform distribution matter, and C for performance-critical server-side and kernel-adjacent code where overhead is unacceptable. The goal is not another research prototype. It is to make QUICSSH the new industry standard — the OpenSSH of the QUIC era, built for the networked infrastructure of the next decade.
v0.1.0 — The Standard Goes Public
After nearly three years of internal development, security review, and hardening across real-world Linux, macOS, and Windows deployments, QUICSSH publishes its first public release on GitHub in March 2026. The v0.1.0 client and server are built from the ground up on QUIC and mandatory TLS 1.3 — there is no unencrypted mode, no legacy fallback. The release ships native OIDC/OAuth2 authentication, OTP and MFA support, full TCP and UDP tunneling, deep integration with Docker, LXD, and Incus container runtimes, and automatic session reconnection that survives IP changes, network handoffs, and brief outages without dropping the shell. QUICSSH runs on UDP port 22 — the same port number SSH has always used, now over a different transport. Because TCP and UDP are independent, SSH2 on TCP:22 and QUICSSH on UDP:22 can coexist on the same server without conflict, giving teams a clean migration path: run both in parallel, move workflows one by one, and retire TCP when ready. No flag day required. Signed binaries are published for all major platforms. The release is marked beta not because it is fragile, but because the team believes trust is earned incrementally, in the open, by users who test it against real infrastructure. The 31-year journey from Ylönen's university network to a QUIC-native SSH has a new chapter. The standard starts here.