
Doing a personal research project and I'm wondering: Why does SSH do its own mechanism negotiation rather than use SASL? At first I thought it might be to ensure confidentiality of the whole session, but looking at the Wikipedia page it looks like that should be taken care of by the "transport" layer, much like what exists in TLS+SASL.

My question is: Is there a technical reason why ssh can't just do a key exchange and then run SASL negotiation through the tunnel before setting up the channel(s)?

Gilles 'SO- stop being evil'
Bratchley
Note that SSH's first specification was written in 1995 whereas SASL's first specification (RFC2222) was written in 1997. – lgeorget Jun 18 '13 at 20:28
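The "own mechanism negotiation" the question refers to is the per-category algorithm selection that the SSH transport layer does in SSH_MSG_KEXINIT (RFC 4253, section 7.1): the chosen algorithm is the first name on the client's list that the server also lists. The following is an added example, not code from the question or from any SSH implementation; the name-lists are constructed and only a subset of the KEXINIT categories is modelled.

```python
# Added example, not code from the original post: the algorithm negotiation SSH
# does for itself in SSH_MSG_KEXINIT (RFC 4253, section 7.1). Per category the
# chosen algorithm is the first name on the CLIENT's list that the SERVER also
# lists; none in common means the connection fails. Only a subset of categories
# is modelled and the RFC's extra kex/host-key compatibility check is omitted.
CATEGORIES = ("kex_algorithms", "server_host_key_algorithms",
              "encryption_algorithms_client_to_server", "mac_algorithms_client_to_server")

class NegotiationFailure(Exception):
    """No algorithm in common for some category; the SSH connection is aborted."""

def parse_name_list(wire: str) -> list[str]:
    """Parse an RFC 4251 name-list: comma-separated names, no spaces, no empty names."""
    if wire == "":
        return []
    names = wire.split(",")
    if any(name == "" for name in names):
        raise ValueError(f"malformed name-list: {wire!r}")
    return names

def negotiate(client_kexinit: dict[str, str], server_kexinit: dict[str, str]) -> dict[str, str]:
    """First-match rule per category: client order sets preference, server list gates."""
    chosen = {}
    for category in CATEGORIES:
        client_names = parse_name_list(client_kexinit[category])
        server_names = set(parse_name_list(server_kexinit[category]))
        match = next((name for name in client_names if name in server_names), None)
        if match is None:
            raise NegotiationFailure(f"no common {category}: {client_names} vs {sorted(server_names)}")
        chosen[category] = match
    return chosen

# Constructed sample name-lists (not captured traffic): the client lists legacy
# algorithms first, the server has been restricted to modern ones only.
CLIENT_KEXINIT = {
    "kex_algorithms": "diffie-hellman-group1-sha1,diffie-hellman-group14-sha256,curve25519-sha256",
    "server_host_key_algorithms": "ssh-rsa,rsa-sha2-512,ssh-ed25519",
    "encryption_algorithms_client_to_server": "3des-cbc,aes128-ctr,aes256-gcm@openssh.com",
    "mac_algorithms_client_to_server": "hmac-sha1,hmac-sha2-256",
}
SERVER_KEXINIT = {
    "kex_algorithms": "curve25519-sha256,diffie-hellman-group14-sha256",
    "server_host_key_algorithms": "ssh-ed25519,rsa-sha2-512",
    "encryption_algorithms_client_to_server": "aes256-gcm@openssh.com,aes128-ctr",
    "mac_algorithms_client_to_server": "hmac-sha2-256",
}

def negotiate_sample() -> dict[str, str]:
    """The server's restriction wins: none of the client's legacy preferences is selected."""
    return negotiate(CLIENT_KEXINIT, SERVER_KEXINIT)
```

The point for an operator is that the server's name-lists gate what can be selected at all; the client's ordering only ranks the intersection, so removing an algorithm from the server side is sufficient to keep it out of any session.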

1 Answer


SSH implementations can't use SASL and TLS, because then they won't follow the SSH protocol anymore.

The SSH protocol doesn't use SASL because it predates it, or at least wide adoption of it. After SSH was readily available and widely used, there just hasn't been much interest in making something that does what SSH does but uses SASL and TLS.

But it's possible to make a 'secure telnet' implementation by using SASL and TLS with it.

Wikipedia says this on the subject: "As has happened with other early Internet protocols, extensions to the Telnet protocol provide Transport Layer Security (TLS) security and Simple Authentication and Security Layer (SASL) authentication that address the above issues. However, most Telnet implementations do not support these extensions; and there has been relatively little interest in implementing these as SSH is adequate for most purposes."

http://en.wikipedia.org/wiki/Telnet#Security

jelle foks