[PeterWhittaker]

While this may be very simple to use, why would I use this in preference to SSH, given that SSH has figured out authentication, session security, etc?

Yes, setting this up with SSH is (mildly) more complex, but given the inherent security, one wonders why one would opt for simplicity.

[ekzhang]

There are different goals here and a different protocol. I use SSH remote port forwarding regularly for my work. It's ubiquitous, encrypted, and works in production. Bore has different goals; it strives for simplicity, ergonomics, efficiency, and correctness. Adding encryption to the tunnel is explicitly out of scope; bore only proxies raw TCP. If you want to add encryption, you would need to run it on top of bore, by setting up TLS termination on your own local web server (TLS runs on top of TCP) or using some other encrypted protocol.

[skoskie]

The author has responded in their own top level comment. Currently the lowest comment on the page.

[remram]

They have responded multiple times "see the FAQ" and "different goals" but haven't actually provided an example advantage of this over ssh -R. Unless the lack of security is a benefit somehow? Speed maybe?

[svnpenn]

Is SSH even available for Windows? I see people point to SSH a lot with this topic, but it seems like they assume that everyone has SSH already installed.

[mcpherrinm]

OpenSSH has been included with windows 10 by default for a number of years now

[svnpenn]

Nope. I just tried "ssh" and got command not found. Correction, look like they put it in a subfolder:

    C:\Windows\System32\OpenSSH\ssh.exe