# Install ssh3 with Homebrew, MacPorts, scoop

Faster and richer secure shell using HTTP/3. Version 0.1.7 via Homebrew; verified 2026-06-15.

## Install

```sh
sudo av install brew:ssh3
```

Additional install commands:

### macOS

- Homebrew (100%):

```sh
brew install ssh3
```

  Evidence: local Homebrew formula metadata

- MacPorts (94%):

```sh
sudo port install ssh3
```

  Evidence: MacPorts ports tree: net/ssh3/Portfile from https://api.github.com/repos/macports/macports-ports/git/trees/master?recursive=1

### Windows

- Scoop (92%):

```sh
scoop install main/ssh3
```

  Evidence: Scoop official bucket manifest trees: bucket/ssh3.json from https://api.github.com/repos/ScoopInstaller/Main/git/trees/master?recursive=1

## Package facts

- **Package key:** brew:ssh3
- **Package manager:** Homebrew
- **Package manager page:** <https://formulae.brew.sh/formula/ssh3>
- **Version:** 0.1.7
- **Source summary:** Faster and richer secure shell using HTTP/3
- **Homepage:** <https://arxiv.org/abs/2312.08396>
- **Repository:** <https://github.com/francoismichel/ssh3>
- **Upstream docs:** <https://arxiv.org/abs/2312.08396>
- **License:** Apache-2.0
- **Source archive:** <https://github.com/francoismichel/ssh3/archive/refs/tags/v0.1.7.tar.gz>
- **Last updated:** 2026-06-15T10:21:20-04:00
- **Generated:** 2026-07-09T07:20:21+00:00

## Executables

- ssh3 (cli)
- ssh3-server (cli)
- ssh3 (alias)
- ssh3-server (alias)

## Build dependencies

- go

## Uses from macOS

- libxcrypt

## Install behavior

- Post-install hook: not defined
- Bottle: available on arm64_linux, arm64_monterey, arm64_sequoia, arm64_sonoma, arm64_tahoe, arm64_ventura, monterey, sonoma, ventura, x86_64_linux

## Freshness

- Page generated: 2026-07-09
- Package-manager version: 0.1.7
- Package-manager updated: 2026-06-15
- Local data: ok
- Upstream repository: https://github.com/francoismichel/ssh3
- Upstream latest detected: v0.1.7 (current)
## Project history and usage

SSH3 is an experimental secure-shell implementation and research prototype that maps SSH connection semantics onto HTTP/3, QUIC, TLS 1.3, and HTTP authorization mechanisms. Its appeal in package-manager culture is that it lets developers install and test a speculative next-generation remote-login protocol with familiar `ssh3` and `ssh3-server` commands.

### Project history

The project comes from research by Francois Michel and Olivier Bonaventure. The arXiv paper 'Towards SSH3: how HTTP/3 improves secure shells' was submitted on 12 December 2023, and the repository README says the work was proposed as an Internet-Draft later renamed 'Remote Terminals over HTTP/3'.

### Adoption history

SSH3 is intentionally presented as experimental and not yet appropriate for production systems without further review. Its packaging in Homebrew, MacPorts, and Scoop reflects early-adopter interest rather than mature infrastructure adoption.

### How it is used

The official README documents installation with `go install github.com/francoismichel/ssh3/cmd/...@latest`, a client named `ssh3`, and a server named `ssh3-server`. It reuses familiar SSH concepts such as `~/.ssh/authorized_keys`, `~/.ssh/config`, identity files, agent use, and proxy jumps while adding HTTP/3-specific ideas such as URL paths, X.509 certificates, OpenID Connect, and UDP forwarding.

### Why package nerds care

Package nerds care because SSH3 is a rare example of a research protocol that is immediately packaged as a CLI for hands-on testing. It is useful for comparing old SSH assumptions with modern transport and identity plumbing, while its experimental status keeps it in the sandbox/lab category.

### Timeline

- 2023: arXiv paper 'Towards SSH3: how HTTP/3 improves secure shells' submitted on 12 December 2023.
- 2023: The project README describes SSH3 as research work proposed as an Internet-Draft.
- 2026: The Datatracker page shows the renamed Remote Terminals over HTTP/3 draft as expired/no longer active.

### Related projects

- SSH3 is related to OpenSSH, QUIC, HTTP/3, TLS 1.3, OpenID Connect, quic-go, and the IETF Remote Terminals over HTTP/3 draft.

### Sources

- <https://arxiv.org/abs/2312.08396>
- <https://datatracker.ietf.org/doc/draft-michel-remote-terminal-http3/>
- <https://github.com/francoismichel/ssh3#readme>
- source_facts.package-manager


## Security Notes

broad file, network, media, or database tool signal. generalized runtime or code generation signal.

- **Geiger risk:** yellow / medium
- broad file, network, media, or database tool signal
- generalized runtime or code generation signal


## Configuration and credential file locations

These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.


## Configuration files

- Unix: ~/.ssh/config

## Credential files

- Unix: ~/.ssh/authorized_keys, ~/.ssh3/authorized_identities
## Source Database Details

- **Source Database:** Homebrew formula API
- **Tap:** homebrew/core
- **Full Name:** ssh3
- **Version Scheme:** 0
- **Revision:** 0
- **Head Version:** HEAD
- **Bottle Stable Root URL:** <https://ghcr.io/v2/homebrew/core>
- **Deprecated:** no
- **Disabled:** no
- **Keg Only:** no
- **URL Keys:** head, stable

## Other Package-Manager Records

- MacPorts - ssh3: normalized package name match | MacPorts ports tree: net/ssh3/Portfile from https://api.github.com/repos/macports/macports-ports/git/trees/master?recursive=1
- Scoop - main/ssh3: normalized package name match | Scoop official bucket manifest trees: bucket/ssh3.json from https://api.github.com/repos/ScoopInstaller/Main/git/trees/master?recursive=1


## Related links

- [Secret-risk packages](https://www.automicvault.com/pkg/secret-risk-packages/) - Has protected-tool coverage, approval-gate, or non-low Geiger security signals.
- [Terminal utility packages](https://www.automicvault.com/pkg/terminal-utilities/) - Matched terminal and command-line workflow metadata.
- [Networking and protocol packages](https://www.automicvault.com/pkg/networking-protocol-tools/) - Matched network, protocol, or remote-service metadata.
- [Web development packages](https://www.automicvault.com/pkg/web-dev-tools/) - Matched web development metadata.
- [go](https://www.automicvault.com/pkg/brew/go/) - Build dependency declared by Homebrew.
- [pssh](https://www.automicvault.com/pkg/brew/pssh/) - Shares av.db curated category or tags: cli, networking, remote-access, ssh.
- [putty](https://www.automicvault.com/pkg/brew/putty/) - Shares av.db curated category or tags: cli, networking, remote-access, ssh.
- [sshportal](https://www.automicvault.com/pkg/brew/sshportal/) - Shares av.db curated category or tags: cli, networking, remote-access, ssh.
- [upterm](https://www.automicvault.com/pkg/brew/upterm/) - Shares av.db curated category or tags: cli, networking, remote-access, ssh.
- [autossh](https://www.automicvault.com/pkg/brew/autossh/) - Shares av.db curated category or tags: cli, networking, ssh.
- [boring](https://www.automicvault.com/pkg/brew/boring/) - Shares av.db curated category or tags: cli, networking, ssh.
- [corkscrew](https://www.automicvault.com/pkg/brew/corkscrew/) - Shares av.db curated category or tags: cli, networking, ssh.
- [gateway-go](https://www.automicvault.com/pkg/brew/gateway-go/) - Shares av.db curated category or tags: cli, networking, remote-access.
- [mosh](https://www.automicvault.com/pkg/brew/mosh/) - Security-sensitive metadata or terminology overlaps. Shared terms: access, cli, networking, remote, remote-access.

## Combined YAML source

View the package source record on GitHub. [combined/ssh3.yml](https://github.com/automic-vault/db/blob/main/combined/ssh3.yml)


## Sources

- Nucleus package database
- Geiger risk classifier
- package-page enrichment
- curated configuration and credential file locations
- curated package history
- package version freshness
- av.db category and tag curation
- package relationship graph
- external package-manager database matches
- cross-ecosystem install command graph
