Comparison Between VPN & SSH Tunnel. Which One Is Better?

If you'll ask me what VPN or SSH Tunnel are there for, I'll simply answer that it "tunnels" the network traffic over the encrypted connection. They might be similar in some purposes, but are different in others. If you are in a dilemma which one to use, this article will help you big time.


In a Geek's world (Yes! we have a different world), SSH tunnel is referred to as "a poor man's VPN" more often than not because it can provide exactly the same features that a VPN can provide without cumbersome server setup process - but with some limitations.


What is a VPN? How does it Works?


As we all know, VPN is abbreviated form of "Virtual Private Network". The name itself indicates that it's used for connect private networks over the public networks such as The Internet. The major business firms do implement VPN Technology to make sure the remote access is possible without having the threats of security breach. VPN does helps in this purpose and often doesn't disappoint us. Some company may have important employees who travels a lot for business purpose, and they just have to be connected all the time to the company's private network, but at the same time the business firm doesn't want to bear the risk of getting exposed by sharing their important resources over the Internet. In this scenario, the VPN comes to the rescue. Once the VPN server is up and running, all the employee at remote place need to do is to enter security credentials (e.g Password) to log into the server, and after the successful logging in, he/she can access the important documents without any hiccups. They can freely share and download the resources over the VPN as if they are using the company's physical network in a company's building.


The VPN client communicates over the public internet and send/receives the computer's network traffic through the encrypted connection to the VPN Server. It provides the highly secure connection thus eliminating any possibilities of spoofing kind of thing over the internet. Our day-to-day internet needs are also served securely by the VPN. In most cases all the web traffic is sent over the VPN connection, thus people between VPN client and server connection can't spoof the data from the web traffic. This provides exclusive protection at public Wi-Fi networks where the security is a big concern as well as it allows users to access the geographically restricted sites. For example, if the VPN server is situated in the another country than the country you live in, it will even let you access the sites that are restricted in your area/country. In office, some employees also installs the VPN client to their office computer to bypass the official restriction and to access their favorite website because it appears that all the traffic is coming through the VPN server.


More importantly, a VPN operates at operation system layer rather than application level. In the sense, it routes all your network traffic through the VPN Server. Thus you need not to setup each and every application to route through the VPN, as it's done automatically.


You can also setup your own VPN on your home router, but we'll cover it in upcoming articles.


What is SSH? How does it Works?


The SSH is an abbreviated form of "secure shell" which isn't designed solely for tunneling network traffic. Generally it's used to setup a remote terminal session But SSH has other usages also that will be discussed exclusively on TechoTravel.in in a short future. Stay tuned. Coming back to the point, SSH uses strong encryption techniques and you can set your SSH client to act as a SOCKS proxy as well. Once set up, you can point your computer applications to use that SOCKS proxy. All the traffic tunnels through SOCKS proxy. Which Which means, traffic enters the SOCKS proxy running on the local system and the SSH client forwards it through SSH connection. This works similar as VPN connection, so your traffic appears to be coming from the SSH server. The traffic between your computer and the SSH server is encrypted, thus you are able to browse through an encrypted connection as you could with the VPN.


As we mentioned earlier, the SSH server is a "poor man's VPN" - thus it doesn't provides as much features as a VPN server. In a VPN you need not to configure each and every applications to route through the VPN client, it automatically does that. But that's not the case in SSH connection. You have to configure each and every application that you want to route through SSH server, which is quite cumbersome. But alas! it's a poor man's VPN, so the expectation is low, so no problem, I guess! Moreover it's considerably difficult to setup Windows networked file shares with SSH tunnel.
A tool named PuTTY is used to setup SSH Tunnel. This also is a new tutorial that is going to be featured on TechnoTravel.in in coming days.


Which one is Better?


Here, if we mean better in the sense of security, the VPN wins here as it's easy to force all the network traffic through it, thus eliminating any possiblities of network loopholes, thus providing more security. However, for the home purpose, or to secure yourself from public Wi-Fi networks, both VPN and SSH both will serve you well.


Another aspect we need to consider here is the setting up process. Novice users can easily connect to the VPN client, thus connecting to a VPN server is very user friendly, but keep in mind that setting up an VPN Server isn't user friendly by any means. Whereas SSH tunnels are more daunting to novice users, but setting up an SSH server is rather easy compared to the VPN server.


Businesses looking for more robust networking will have to invest in a VPN. On the other hand, if you’re a geek with access to an SSH server, an SSH tunnel is an easy way to encrypt and tunnel network traffic – and the encryption is just as good as a VPN’s encryption.