OpenSSH is an implementation, SSH is a technology and/or protocol, it doesn't make a lot of sense to compare them that way. Although from later comments RDP seems to have a history in Citrix prior to it's life as RDP, so there are likely clear reasons why it didn't use the SSH protocol (namely that the underlying technology RDP was built on does predate the SSH protocol).

According to Wikipedia, RDP = June 16, 1998 SSH = 1995. OpenSSH = 1999

RDP is based on Citrix ICA which builds on Citrix Multiuser released in 1991 for OS/2, and 1992 for DOS, 1993 for Windows.

https://www.basvankaam.com/2017/03/29/a-lesson-in-history-th...

The Citrix/Microsoft relationship is a bonkers story. The world didn't yet know that licensing your tech to Microsoft meant you were going to grab your ankles.

In the several decades since, nothing has stopped them from coming out with a "RDP v2."

I trust SSH to be public-facing. Don't have the right private key? Pound sand. You're not getting in.

I trust RDP to allow someone to break into my machine, get admin privileges, and infect / bot it, likely in under an hour.

Smart cards rolls eyes

Smart cards is just certificate-based authentication really.

Microsoft did indeed fail hard - if they just made certificate authentication easy to configure on stand-alone machines like SSH key authentication is (and allow to keep the key as a file if desired, instead of in a smart card), a lot of pwnage would've been avoided.

You can set up RD Gateway to leverage MFA.

https://learn.microsoft.com/en-us/entra/identity/authenticat...

That’s why you have an vpn or the rdp gateway instead of exposing the machines directly to internet.

Iirc you can enable Remote Desktop and block public access and connect over an SSH tunnel. Newer versions of Windows include an SSH server.