it would be nice if I could give both server and client a static passphrase, with which the websocket traffic then is encrypted.

I know, you can use websockets with TLS and also the SSH traffic is encrypted already, but still, if a company intercepts TLS traffic and inspects it, you would see that SSH traffic is encapsulated.

See google#13