I already have SSH set up and functional, what advantage does spiped offer?
Because it's much simpler it's also a good way to expose a system to the internet, although Wireguard with a PSK is a very similar and possibly superior solution.
A subthread from 2014:
We would use stunnel rather than SSH for non-interactive usages. Having an active stunnel running all the time is safer than requiring a full SSH session being active.
Today, most people would just use WireGuard for this.
* Reduced attack surface: The spiped protocol (and implementation) is orders of magnitude simpler than ssh.
* spiped opens a separate transport layer connection for each pipe, mitigating "noisy neighbour" effects where one busy connection tunneled over ssh can bottleneck other connections tunneled over the same ssh connection. (This is not perfect, since spiped is single-threaded: A connection which is busy enough will end up starving you for CPU time for the crypto. But you'll typically hit that limit with traffic orders of magnitude higher than you'd need to create a bottleneck if everything goes over the same TCP connection.)
* spiped has no persistent connection, so there's nothing to be interrupted if your network drops (or if you move between networks). Every connection is a new connection; spiped is effectively transparent.
dang•5mo ago
Spiped – symmetric, encrypted, authenticated pipes between sockets - https://news.ycombinator.com/item?id=7539499 - April 2014 (86 comments)