HTTPS (TLS/SNI) proxy support
Support for HTTPS proxies that use openssl, sclient, Telebit, ngrok, localtunenel.me, etc.
These are all very simple and easy to implement. All that needs to be done is open a tls connection and pipe the ssh connection through that. Dead simple - probably one of the lowest cost features you’ll ever implement.
The purpose is two-fold:
SSH doesn’t support SNI so in order to be able to access my home computer through a secure relay it has to be wrapped in TLS.
Library and Airport networks often block all non-443, non-https traffic. Wrapping ssh in TLS makes it work behind these and even behind politically oppressive firewalls. (caveat: the tap tap tap keystroke cadence is still a giveaway for extremely advanced firewalls, but those are very few and far between)