And a bunch of tool to use with it... But you can indeed do a lot with just SSH. This post gives a few good ideas.

Nice technique for automating the verification of SSH host keys. It'd be nice to see wider adoption.

Clearly a new OpenSSH feature to keep an eye on. This should improved security of the server by default. That said, it needs to be a bit more in the wild before knowing how to best tune it.

Make sure your OpenSSH server is up to date.

Interesting study on the brute force attacks against SSH. It gives plenty of insights and leads to a potential approach to detect most of them.

Good analysis of the backdoor recently discovered in xz. Really a bad situation. Luckily it was probably detected before it could do any real damage. What's especially striking is the amount of patience it required, it's really been put in place over a long stretch of time to reduce chances of detection.

Fascinating script which jumps over SSH servers in several hops and replicates itself without a file upload.

Very funny hack for a blog comment system.

Interesting new attack on the SSH protocol. This is hard to achieve outside of the LAN though.

Looks like a nice tool to check if your SSH config is secure. Works both for servers and clients.

Looks like a very nice alternative to ngrok. It's free, doesn't require any particular command to download, just works through SSH.

This is actually an interesting feature to know when a key changes.

Neat little list of tips, indeed some are useful and I didn't know about them.

Little known but potentially very useful SSH feature.