[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] SSHv2 vs OpenVPN security


  • Subject: Re: [Openvpn-users] SSHv2 vs OpenVPN security
  • From: Martijn Lievaart <m@xxxxxxx>
  • Date: Wed, 29 Dec 2004 00:08:21 +0100

Mathias Sundman wrote:


Yes, you're right, I was only asking about this from a crypto standpoint. Me too prefer OpenVPN in most cases, but there are still some cases where SSH is preferable.


The reason I asked was because I have a customer who is setting up a disaster recovery solution for a Solaris server, and simply needed shell access and a way to transfer files to the off-site backup machine. One user and one server -- can't be much easier, so I suggested to use SSH.

However for some reason they did not accept SSH for securing this, but OpenVPN was okay. I clamed that SSH had the same level of security as both OpenVPN and IPSec (given it is correctly configured of cource), so I just wanted to make sure I was right about that...

I'm fine with setting up OpenVPN to, so it's no problem, the customer gets what they what, I just find it a little overkill to use OpenVPN in this scenario, which is exactly what SSH was designed todo, but policies are policies! If I would have called it ssh-VPN instead of just ssh it would probably have been aproved ;-) VPN are good, other protocols can't be trusted!


In fact, as ssh can narrow down what one can do over this connection, I would say ssh is more secure than a network connection which has to be firewalled seperately. Given this scenario I would use ssh anytime, not a VPN solution.


M4


____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users