Question ssh vs vpn
- Thread starter datakom
- Start date
This is not a straight forward question. SSH in a way is a form of VPN just using different ports than say OPENVPN. How secure the are depends on what methods you use for key exchange and encryption. Last time I looked SSH supported most the same protocols used by OPENVPN.
In some ways people say the open source version are more secure because you have huge numbers of people looking at the code both for good and bad reasons. In theory problems should be found quicker with more eyes looking at it. Fixes tend to also be faster because there is less bureaucracy to get changes made.
In some ways people say the open source version are more secure because you have huge numbers of people looking at the code both for good and bad reasons. In theory problems should be found quicker with more eyes looking at it. Fixes tend to also be faster because there is less bureaucracy to get changes made.
- Oct 15, 2014
- 18,029
- 2,337
- 101,590
you need to define what you mean by "secure"
can someone decrypt your data in transit? no
will the service you use log your activity once it decrypts it and sell it? most likely
2 different things but both relate to "security" in my opinion.
once your traffic leaves the vpn server it is no longer protected by the encryption. it only masks where the data came from, thus shifting who it is that gets to data mine it. your isp gets taken out of the equation, but the vpn service now has all your traffic info. most paid services claim to not keep logs, but they are all lying.
any free service is mining the heck out of you and selling it, they still got to make money. paid services keep less info but they still keep it and make a buck off it when they can.
you need to define what you want/need and then explore how to best make it happen. there is no single magic bullet that just "protects" and "secures" your internet experience.
can someone decrypt your data in transit? no
will the service you use log your activity once it decrypts it and sell it? most likely
2 different things but both relate to "security" in my opinion.
once your traffic leaves the vpn server it is no longer protected by the encryption. it only masks where the data came from, thus shifting who it is that gets to data mine it. your isp gets taken out of the equation, but the vpn service now has all your traffic info. most paid services claim to not keep logs, but they are all lying.
any free service is mining the heck out of you and selling it, they still got to make money. paid services keep less info but they still keep it and make a buck off it when they can.
you need to define what you want/need and then explore how to best make it happen. there is no single magic bullet that just "protects" and "secures" your internet experience.
- Jul 26, 2008
- 3,873
- 520
- 23,840
I think you mean SSL not SSH, SSH is SecureSHell and used to remotely connect to *nix related machines along with SFTP and SCP. SSL is just a communications protocol, originally intended for internet traffic like HTTP, it can be used to secure any point to point connection. Virtual Private Network is a method of tunneling layer 2/3 of the OSI model on top of another layer 3/4 connection, almost like running a thousand mile virtual ethernet cable, it is used heavily in commercial networking to link remote office sites with HQ, and even remote workers notebooks back with home office.
The vast majority of VPN providers now use OpenVPN, which is an amazing open source program that lets you form a VPN link over a SSL connection, SSL is not only an extremely common connection type but also designed to not care about how it gets to the destination, making it perfect for tunneling over public internet. I know all this personally because I run my own VPN server at home that lets my laptops connect back whenever I'm traveling for business.
This is categorically false, there have been several legal cases where those providers were able to prove they didn't and couldn't have the logs the law enforcement were asking for. Furthermore there have been instances where foreighn governments have raided and seized VPN providers hardware to get those logs and found nothing.
The way this works is easy, OpenVPN lets you set the logging location for each server instance and what you do is set it to /dev/null or a ram space like just /tmp/log, then have it overwritten every 10 to 30kb. That gives just enough to know the system is working, but it's in ram and gets blanked everytime the server is restarted, while also never keeping anything very old. We can actually make these servers have no storage at all and use netboot to startup and get configuration parameters.
The vast majority of VPN providers now use OpenVPN, which is an amazing open source program that lets you form a VPN link over a SSL connection, SSL is not only an extremely common connection type but also designed to not care about how it gets to the destination, making it perfect for tunneling over public internet. I know all this personally because I run my own VPN server at home that lets my laptops connect back whenever I'm traveling for business.
This is categorically false, there have been several legal cases where those providers were able to prove they didn't and couldn't have the logs the law enforcement were asking for. Furthermore there have been instances where foreighn governments have raided and seized VPN providers hardware to get those logs and found nothing.
The way this works is easy, OpenVPN lets you set the logging location for each server instance and what you do is set it to /dev/null or a ram space like just /tmp/log, then have it overwritten every 10 to 30kb. That gives just enough to know the system is working, but it's in ram and gets blanked everytime the server is restarted, while also never keeping anything very old. We can actually make these servers have no storage at all and use netboot to startup and get configuration parameters.
- Nov 23, 2022
- 5
- 0
- 10
I think question is not clear enough. However for your clearification please read below lines.
SSH uses the network's application layer, whereas VPN uses the transport layer. Because a VPN deals with the network itself, it can use resources from a public network while acting as a separate network. In between SSH & VPN, VPN is the best option for privacy and security.
Thanks
SSH uses the network's application layer, whereas VPN uses the transport layer. Because a VPN deals with the network itself, it can use resources from a public network while acting as a separate network. In between SSH & VPN, VPN is the best option for privacy and security.
Thanks
failboat
Splendid
- Feb 19, 2010
- 1,905
- 51
- 21,390
question is far too broad. both have good encryption. a third party host is a whole other topic. many of the free hosts are scams.
vpns and ssh are used for different things.
paid third party vpns tunnel all your internet traffic to the third party and then out to the internet. so it only hides it from everyone between you and them.
vpns and ssh are used for different things.
paid third party vpns tunnel all your internet traffic to the third party and then out to the internet. so it only hides it from everyone between you and them.
VPNs are a lot better at handling tunneling your traffic into a private network, or tunneling traffic between two private networks. It can certainly be done with SSH tunnels, but it's a lot harder to do.
SSH is good for simple tasks. VPN allows for a more managed security environment. However the complicatedness of VPN itself may actually open up security holes. SSH may also be used in combination with VPN. It really depends on the needs of the company.
SSH is good for simple tasks. VPN allows for a more managed security environment. However the complicatedness of VPN itself may actually open up security holes. SSH may also be used in combination with VPN. It really depends on the needs of the company.
TRENDING THREADS
-
-
-
Question Download speed is slow on only my PC - please help!- Started by Ograsmium
- Replies: 16
-
-
Question New installed W11 on sdd, D drive (HDD) goes to the 100% in seconds
- Started by Emily_Vin
- Replies: 7
Facebook
Twitter
Instagram