Doesn’t ssh support quantum secure algorithms already?
It does now, yeah. I started this project, AFAIK, before that was a thing (development began circa Jan 2018). It was inspired by my frustration with experiments at extending openssh itself, at that time, to support new algorithms; despite having many years of experience in C and Linux/POSIX, the C codebase was, to me at least, obtuse due to its long history – so much so that I hit a wall in my efforts.
At the time I was learning Go, and given its very nice string/buffer handling with better bounds-checking and enforcement, plus very good crypto libraries and interfaces for easy addition of new algorithms, it occurred to me that it might be easier (and more fun!) to take a crack at my own remote shell implementation. Don’t get me wrong – I love (OK, love/hate) C, and have made my career in it, but Go in many ways is just a much nicer language in which to code, esp. security-related stuff.
I found the concept of another potential tool to fulfill the same ‘niche’ as ssh compelling; enough so to motivate me to write it. A monoculture is dangerous, IMHO – it’s a single point of attack/failure if everyone, everywhere, uses a single tool/protocol for a common task.
Another goal was to build into the protocol defenses against traffic analysis, via ‘chaffing’. The protocol supports sending bogus random data amongst the real session data in order to impede efforts to analyse the stream, whether interactive shell activity or file transfers.
On the wiki page there’s a link to the SLOC of this project, which demonstrates that xs is a lot less code to understand than openssh. Complexity is an enemy of security, so my thinking was/is that a smaller codebase would be a good thing …
My honest wish is that others would consider doing audits on the code and protocol, and suggest improvements. It’s definitely experimental, but useful enough that I use it as my remote access solution instead of ssh 99% of the time for my own servers.
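The chaffing idea described in the answer above, sketched as an added Go example; this is not code from xs and not its wire format. The 3-byte frame header and the names `frame`, `AddChaff` and `StripChaff` are assumptions, and the frames are assumed to travel inside the encrypted channel so that an observer cannot tell chaff from data.

```go
package main

import (
	"crypto/rand"
	"fmt"
)

// Hypothetical frame (not the xs wire format): type byte, 2-byte big-endian length, payload.
const frameData, frameChaff byte = 0, 1
func frame(typ byte, p []byte) []byte {
	return append([]byte{typ, byte(len(p) >> 8), byte(len(p))}, p...)
}

// AddChaff returns msg as a data frame followed by chaffLen random bytes as a chaff frame.
func AddChaff(msg []byte, chaffLen int) ([]byte, error) {
	if len(msg) > 0xFFFF || chaffLen < 0 || chaffLen > 0xFFFF {
		return nil, fmt.Errorf("payload and chaff must each be 0..65535 bytes")
	}
	chaff := make([]byte, chaffLen)
	if _, err := rand.Read(chaff); err != nil {
		return nil, err
	}
	return append(frame(frameData, msg), frame(frameChaff, chaff)...), nil
}

// StripChaff walks the frames, keeps data payloads, drops chaff and rejects anything malformed.
func StripChaff(wire []byte) (out []byte, err error) {
	for len(wire) > 0 {
		if len(wire) < 3 {
			return nil, fmt.Errorf("truncated frame header")
		}
		n := 3 + (int(wire[1])<<8 | int(wire[2]))
		if len(wire) < n {
			return nil, fmt.Errorf("truncated frame payload")
		}
		if wire[0] == frameData {
			out = append(out, wire[3:n]...)
		} else if wire[0] != frameChaff {
			return nil, fmt.Errorf("unknown frame type %d", wire[0])
		}
		wire = wire[n:]
	}
	return out, nil
}

func main() {
	wire, _ := AddChaff([]byte("uname -a\n"), 40) // constructed sample input
	msg, err := StripChaff(wire)
	fmt.Printf("wire=%d bytes, recovered=%q, err=%v\n", len(wire), msg, err)
}
```

The bytes on the wire grow with the chaff length while the recovered message is unchanged, which is what blurs the size pattern of keystrokes or file chunks.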