Re: SSH vs. VPN - comparable?

From: Cedric Blancher (blancher@cartel-info.fr)
Date: 12/19/01


From: Cedric Blancher <blancher@cartel-info.fr>
Date: Wed, 19 Dec 2001 08:28:46 +0000 (UTC)

Dans sa prose, John Blow (JBlow@nomail.net) nous ecrivait :
> Since I run an NT4.0 server at our firm (small size), I had no choice but to
> considered PPTP for remote access. After trying the zillion setup tutorials
> (chaos and contradictions) on the web, from MS, and from Netopia with no
> success, I gave up.

And what about IPSEC, which a reference for VPN ?

> However, the need for employee remote access has not subsided. So I have
> recently returned to the web to search for comparable alternates to VPN.
> Although, I know nothing about ssh, I have been reading lots of good things
> about it (ssh-2, that is).

SSH is a secure shell, with secure file transfert and port forwarding
capacities. It has quite nothing to do with VPN unless you seriously
trick it.
You can begin by forwarding ports. But it has limits. As an example, it
will be very difficult to you to achieve FTP over SSH, for you must
forward ftp-data connection with is negociated.
You can also set a PPP link up over the SSH session. It is quite simple,
but performances are poor. You are doing IP, over PPP, over an encrypted
layer 7 protocol over TCP...

> Could anyone with lots or some experience with both technologies offer me
> some insight. BTW, purchasing a hardware VPN solution is out of the
> question - their pricing is borderline rip-off. Thanks.

I have tried FreeS/WAN, patched for X509 certificates and PGPNet client
that comes with PGP Freeware. It worked fine. For Linux, another
FreeS/WAN is the best.

Have you tried PPTPd on Linux and PPTP clients ?

-- 
BOFH excuse #237:

Plate voltage too low on demodulator tube



Relevant Pages

  • Re: Experienced users of Symantec PC Anywhere....need some help
    ... wrapping the connection in a VPN would be a good idea security wise but it's not necessary. ... WinXP remote access ... Well it sounds like a Windows shop, so I'd recommend Remote Desktop over SSH or VPN if they know computers well. ...
    (alt.sys.pc-clone.dell)
  • Re: SSH vs. VPN - comparable?
    ... the need for employee remote access has not subsided. ... SSH is not a VPN by any stretch of imagination. ... >question - their pricing is borderline rip-off. ...
    (comp.security.firewalls)
  • RE: Remote access recurrent disconnection
    ... My VPN and RWW is already configured as you have described below. ... server and rerun the CEICW for the remote access to work. ... As from then every 3 hours I have to run this wizard for remote access to ...
    (microsoft.public.windows.server.sbs)
  • Re: RAS server denied accesss
    ... Posting on MS newsgroup will benefit all readers and you may get more help. ... Networking, Internet, Routing, VPN, Anti-Virus, Tips & Troubleshooting on ... >> When attempting to start the Routing and Remote Access Service, ...
    (microsoft.public.win2000.ras_routing)
  • RRASWiz
    ... I have several client installations of SBS2003 Std and one Premium. ... I recently changed a site VPN access using the Configure Remote Access ... Checking whether RRAS is already running returned OK ...
    (microsoft.public.windows.server.sbs)