0 sats \ 0 replies \ @orthzar 17 Dec 2023 freebie \ on: SSH3: SSHv2 using HTTP/3 and QUIC tech
This is really not a good idea, because it allows rogue/negligent Certificate Authorities to masquerade as your server. With SSHv2, nobody can masquerade as your server, unless they somehow steal your server's privkey.
The claim in the above quote (that SSHv2 is less secure) refers to the fact that you have to manually verify the server's pubkey/fingerprint, which a lot of people don't do. That isn't insecure; it's just inconvenient. SSH3's solution is more convenient and, in fact, less secure.
Fortunately, you don't have to use x.509 certificates in SSHv3, so this is only a security problem for people who don't understand TLS's PKI (which is a lot of people).