Secure Shell (SSH) is frequently alluded to as ‘the poor man’s VPN’ or ‘the VPN that nobody remembers’ however both are still generally utilized today and have their points of interest and similitudes. In this article I will attempt and clarify in layman’s terms how they function and will likewise investigate the advantages and disadvantages of both association sorts and call attention to their best employments.
A basic similarity of VPN (Virtual Private Network) and SSH (Secure Shell) would be as the following example: let’s say you are having a phone discussion from home with your partners in a board room somewhere else. With a VPN everyone in the board room can hear you and you can hear them however with a SSH just a solitary individual can hear you and they need to forward the message to other people. What we are stating is a VPN interfaces you to a system and SSH to a solitary PC.
As their names would recommend both VPN and SSH are both used to “tunnel” system activity utilizing a scrambled association and accordingly furnishing you with additional security. Therefore individuals regularly ask “Which is the more secure?”.As you can presumably figure from the name of our organization we are inclined toward VPNs however from perusing the article you will likewise understand that SSH is an extraordinary instrument.
There are two distinct instances of utilizing VPNs and SSH – inside and outer – and both of these will be investigated. What we mean by interior is running your own particular VPN/SSH server and by outside is the point at which you associate with a remote administration as gave by your organization to home working or by a VPN supplier for security.
The main difference between SSH and VPN is that VPN works on the transport level while SSH works on an application level. This means that when you install a VPN it automatically routes all your network traffic through a secure tunnel and this is why when you install a VPN software it will also install a virtual network adapter.
On a security level both can be used to provide exactly the same amount of encryption and from this point of view there is no difference as long as you use the same encryption (see our encryption guide). The upside of using VPNs is that the traffic can be disguised as HTTPs traffic from an interceptors view.
Though VPN is generally easier to set up the problem is that there is no one unified standard for it. This means that the level of support can vary and you might have problems with setting it up. However with modern VPN providers they provide very good software and support so this is only an issue if you plan on running your own VPN server or need to connect to your company’s network.
Pros: Can use UDP or TCP, can disguise traffic
Cons: no unified standard
Uses: Remote access to company resources, providing security
As mentioned above SSH works on an application level. This means that it needs to be configured manually in order to protect all your traffic. Therefore if you wish to set-up encryption for all your software it needs to be manually configured using your SSH client – usually PuTTY
In some aspect it is good that SSH doesn’t encrypt all your traffic since this can slow down your connection and not all your programs might need it. On the downside it is much harder to disguise SSH traffic and some Flash/Java/JS/Activex plugins can bypass the connection settings.
As mentioned above SSH is easy to install but it can be hard to set-up. This is because you need to configure all connections individually and need to set your browsers to use a SOCKS proxy. SSH unlike VPN is a unified system and therefore there is a large amount of support out there.
Pros: doesn’t encrypt all your traffic, cheaper to run, single standardized & unified protocol
Cons: Harder to set up, can only use TCP, doesn’t encrypt all your traffic, hard to disguise traffic, DNS leaks
Uses: remote access to a single computer, providing security
In conclusion both VPN and SSH can provide you with the same level of security if properly configured. However SSH is a lot harder to configure and there a far fewer providers to choose from while there are plenty of VPN providers and since it automatically encrypts all your traffic and can be disguised – in our opinion at least – it is a far better system. Of course if you don’t mind not all your traffic being encrypted (e.g. only need secure browsing and emails) and learning some technical know-how then SSH is worth considering. If you really wish to it is also possible to use the two side-by-side but this can really sacrifice speed for a level of protection that you probably don’t need.