SSH is a good example of the kind of thing that can't use high-level crypto libraries, because the constructions required to implement SSH are part of the specification.
We're all waiting for Daniel Bernstein to replace SSH, but it hasn't happened yet.
Do we need a replacement for SSH?
The OpenSSH team is doing an amazing work. Besides making the tool as secure as possible, they are also improving the protocol. The recently added support for encrypt-then-MAC modes is a great step forward.
I have a lot of respect for the OpenSSH team but think that they are saddled with a protocol that was designed (a) before anyone had a good idea how to design resilient cryptographic transports and (b) without a clear understanding of how people would want remote control channels to work in 2013.
