Comment SSH vs IPsec (Score 4, Informative) 43
SSH is a great secure connection software, not a VPN software. It's can be used to for simple problems, where you want a no hassle portable solution.
IPsec is conceptually much prefered, and also indeed more secure. It is a more complex solution, implementations aren't always stable and are less tested. It is also the standard, if any, for TCP/IP encryption.
SSH should have more overhead for a solution involving the same kind of encryption level and security, and should thus be slower, but this might not be the case in real life. A comparison on an OpenBSD platform would probably be fair, but make sure not to compare a full blown IPsec solution to a simple SSH stream.
Example: You have 10 geographically separated offices...
If you tried to do this using SSH tunnels I would laugh my head off... I'd use OpenBSD/IPsec.
Example: You want to make an existing, specific stream, encrypted.
Tunnel it through SSH.
IPsec is conceptually much prefered, and also indeed more secure. It is a more complex solution, implementations aren't always stable and are less tested. It is also the standard, if any, for TCP/IP encryption.
SSH should have more overhead for a solution involving the same kind of encryption level and security, and should thus be slower, but this might not be the case in real life. A comparison on an OpenBSD platform would probably be fair, but make sure not to compare a full blown IPsec solution to a simple SSH stream.
Example: You have 10 geographically separated offices...
If you tried to do this using SSH tunnels I would laugh my head off... I'd use OpenBSD/IPsec.
Example: You want to make an existing, specific stream, encrypted.
Tunnel it through SSH.
