

FYI: SSH is not vulnerable to the SSL/TLS MITM attack - there
http://djm.net.au/2009/11/6/ssh-is-not-vulnerable-to-the-ssl-tls-mitm-attack

======
tptacek
SSH is also mutually authenticated in the common case (virtually all cases, in
fact), but client-side authentication is rarely used in SSL. There's no
"anonymous" stage in the lifecycle of an SSH connection where you can send app
data.

