I also hope they didn't decide to roll their own SSH2 stack for their product (article doesn't mention if they did or did not).
Another thing I wish people would do is to include a link to .pcap of the network traffic they are trying to explain. Found one[pcap].
[...] https://tools.ietf.org/html/rfc4250 (and others)
Also, since it is thinking like a collector, OpenSSL won't even nudge you if you start trying to do something that is inherently a terrible idea, like using an RSA key for encrypting data. It's possible, OpenSSL can help you do it, but you definitely shouldn't.
Libraries focused around solving real problems, such as Tink are less likely to inadvertently allow you to start doing something that everybody who cares already knew was a bad idea before you even began work.
If at all possible, you should use something that directly implements the high-level constructs you need. libsodium does a good job here (and has bindings for most languages), but there are other tools for more nuanced requirements (e.g., the noise protocol suite for bi-directional communication).
In term of using it wrong, I don't find it any worse than other libraries. You have to know what you are doing when using crypto API.
Looking at the doc and browsing the code a bit, I don't see how to do key derivation. Is there a way to do simple key derivation via pbkdf2, scrypt or the variants?
Originally OpenSSH depended on OpenSSL but it doesn't do that any more if you use chapoly and curve/ed25519.
* quote: "generates ___something___ referred to as the exchange hash H" - in article which tries to sound technical and in fact in some parts goes into much details, this ___something___ is really funny :)
* copy pasta description of forward secrecy, wrongly explaining why it is forwardly secure
* wrong chain of events with lack of important diagram, while adding boilerplate :(
p.s. amount of upvotes shows these days a lot of us click up before reading _whole_ article.
If the author is reading this, consider how you might make it clear that the rows don't relate things across the columns.