Answer the question
In order to leave comments, you need to log in
What's the difference between ssh, stunnel, ipsec and openvpn?
Good afternoon!
Trying to understand the difference between ssh, stunnel, ipsec and openvpn.
The task is to make an encrypted connection between client and server applications.
I read about stunnel and ipsec, but did not understand why they are needed when there is ssh and openvpn.
Please share your real experience.
Correct me if I'm wrong:
1) SSH:
Main purpose:
Designed for interactive work.
Disadvantages:
does not have built-in means to restore the connection in case of a break.
Data transfer only at the L3 level
Advantages:
Already installed on any Linux machine
Large selection of encryption algorithms
2) OpenVPN:
Main purpose:
Providing an encrypted channel
Disadvantages:
Requires more effort than ssh to configure and install:
Encryption only using SSL
Pros:
Has built-in means of reconnecting in case of a break.
Allows you to transfer traffic level L2
3) Stunnel
Purpose:
?
Advantages
?
Disadvantages
?
3) IPSec
Purpose:
?
Advantages
?
Disadvantages
?
Thanks in advance for your valuable advice.
Answer the question
In order to leave comments, you need to log in
In general, the difference in all these services is at what level of TCP/IP they operate. It follows from this what they can and what they allow.
In general, some solutions are SSL, others are VPN. Through SSL, a specific application communicates with another specific one. Entire networks can communicate through a VPN using any protocol.
If you are interested, here is a more detailed description, though in bourgeois.
IPSec is a set of network layer protocols used to organize VPN connections.
OpenVPN is an implementation of VPN technology.
SSH is generally an L7 protocol.
all of them (including stunnel) are able to build tunnels - but not application-application, but PC-PC.
Based on the question "The task is to make an encrypted connection between client and server applications."
I would advise you to pay attention to SSL(must die)/TLS.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question