Re: SSH vs. VPN - comparable?

From: Cedric Blancher (blancher@cartel-info.fr)
Date: 12/19/01


From: Cedric Blancher <blancher@cartel-info.fr>
Date: Wed, 19 Dec 2001 08:28:46 +0000 (UTC)

Dans sa prose, John Blow (JBlow@nomail.net) nous ecrivait :
> Since I run an NT4.0 server at our firm (small size), I had no choice but to
> considered PPTP for remote access. After trying the zillion setup tutorials
> (chaos and contradictions) on the web, from MS, and from Netopia with no
> success, I gave up.

And what about IPSEC, which a reference for VPN ?

> However, the need for employee remote access has not subsided. So I have
> recently returned to the web to search for comparable alternates to VPN.
> Although, I know nothing about ssh, I have been reading lots of good things
> about it (ssh-2, that is).

SSH is a secure shell, with secure file transfert and port forwarding
capacities. It has quite nothing to do with VPN unless you seriously
trick it.
You can begin by forwarding ports. But it has limits. As an example, it
will be very difficult to you to achieve FTP over SSH, for you must
forward ftp-data connection with is negociated.
You can also set a PPP link up over the SSH session. It is quite simple,
but performances are poor. You are doing IP, over PPP, over an encrypted
layer 7 protocol over TCP...

> Could anyone with lots or some experience with both technologies offer me
> some insight. BTW, purchasing a hardware VPN solution is out of the
> question - their pricing is borderline rip-off. Thanks.

I have tried FreeS/WAN, patched for X509 certificates and PGPNet client
that comes with PGP Freeware. It worked fine. For Linux, another
FreeS/WAN is the best.

Have you tried PPTPd on Linux and PPTP clients ?

-- 
BOFH excuse #237:

Plate voltage too low on demodulator tube