Slashdot Mirror
SSH or IPSec?
shawngiese asks: "I'm looking for some feedback on which is the better way to make VPN connections - using SSHv2 or IPSec. My company apliware.com makes embedded linux firewalls here in Switzerland. Our next firmware will be coming out with SSH added to IPSec but during my tests I have noticed that the throughput of SSH is much faster when using the same ciphers. Is there any opinions on which has the better key exchange and also if the performance is better for SSH everywhere or just on our port/CPU? I assume since they both use the same ciphers that the data is as secure in one or the other. Of course IPSec offers full tunneling and encapsulation of more than just TCP but I can SSH through almost any NAT box and with the gain in throughput and many free clients for road warriors (even my Palm Pilot for terminal access) I wonder if SSH might not be the easier VPN than IPSec."
Hell, thats not interesting at all. The only thing that is interesting it TB/ms traffic that is encrypted with 10MB (byte not bit) keys 100,000x times or more with alternating encrpytions. But of cource I can do this on my C64.
The best part is using mindterm to tunnel ssh over https through my clients firewalls. It always freaks them out to see my homeoffice desktop via vnc over ssh over https with a zero foot print client.
Joe
Joe Batt Solid Design
Your company makes embedded firewalls? You MAKE firewalls? And you are asking Slashdot if SSH is better than IPSec?
Fortunately, the companies that I purchase firewall and VPN devices from know both of these protocols intimately. Some of them even had a hand in developing the protocols themselves. These companies also know what the pros and cons of each protocol are and which should be used in any give situation. I would expect nothing less from a company that MAKES firewall and VPN devices.