iirc spiped uses TLS/OpenSSL for securing the connection, the symmetric key avoids the key-exchange and worrying about certificates, and therefore is better capable of efficiently using the connection than SSH by itself.

Because it's much simpler it's also a good way to expose a system to the internet, although Wireguard with a PSK is a very similar and possibly superior solution.

I'm presuming this is pretty similar to https://www.stunnel.org

We would use stunnel rather than SSH for non-interactive usages. Having an active stunnel running all the time is safer than requiring a full SSH session being active.

There are several advantages to using spiped rather than tunneling via ssh:

* Reduced attack surface: The spiped protocol (and implementation) is orders of magnitude simpler than ssh.

* spiped opens a separate transport layer connection for each pipe, mitigating "noisy neighbour" effects where one busy connection tunneled over ssh can bottleneck other connections tunneled over the same ssh connection. (This is not perfect, since spiped is single-threaded: A connection which is busy enough will end up starving you for CPU time for the crypto. But you'll typically hit that limit with traffic orders of magnitude higher than you'd need to create a bottleneck if everything goes over the same TCP connection.)

* spiped has no persistent connection, so there's nothing to be interrupted if your network drops (or if you move between networks). Every connection is a new connection; spiped is effectively transparent.

Uzbekistan!