VPN Tunnel vs SSH Tunnel
What is the difference between a tunnel, a VPN tunnel and an SSH tunnel? According to Wikipedia, "tunneling" is:
Tunneling typically contrasts with a layered protocol model such as those of OSI or TCP/IP. The delivery protocol usually (but not always) operates at a higher level in the model than does the payload protocol, or at the same level.
But that doesn't really mean much to me. So is a tunnel like HTTP being used to carry a TCP payload?
I guess all this "tunnel terminology" would make sense with a few practical (real-life) examples.
Solution 1:
An SSH tunnel (mostly used as a SOCKS proxy) only works for TCP packets, whereas a VPN (like OpenVPN or PPTP) will also be able to work with UDP packets.
Browsing the web is only TCP; however, most games use UDP as well. Also, if using a VPN you don't need to configure each application to use the VPN (since your OS will do this), but a SOCKS proxy (for an SSH tunnel) does require some configuration.
If your application doesn't support these protocols, something such as ProxyCap can be used to force applications to use that SOCKS proxy.
Solution 2:
With VPN, your computer becomes part of another network. All traffic between your computer and the target network is encrypted. You have access to all computers on the target network directly from your computer.
With SSH, you just connect to another host, but you don't become part of the server's network.
An analogy. Consider there is a discussion but you are not present. There is a phone. You call the room where the discussion takes place. If the phone in the remote room is a speaker phone, then your voice can be heard by everybody and everybody can talk to you directly. This is the VPN since for all practical purposes, you are virtually present.
If the phone is not speaker-phone capable, then you can talk only to one person at a time who relays the messages. That's the SSH analogy.
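
The relay idea from the two answers above, as an added example that is not part of the original answers: a minimal TCP port forwarder in Python, similar in spirit to an SSH local port forward but without SSH's encryption or authentication. All function names and the upper-casing "remote service" are constructed for illustration. The relay carries only TCP streams, and the application has to be pointed at the forwarder's port itself.

```python
import socket
import threading

def listen():
    # Loopback TCP listener on an ephemeral port chosen by the OS.
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.bind(("127.0.0.1", 0))
    s.listen()
    return s, s.getsockname()[1]

def serve(listener, handler):
    """Accept connections on a daemon thread, one handler thread per connection."""
    def loop():
        while True:
            conn, _ = listener.accept()
            threading.Thread(target=handler, args=(conn,), daemon=True).start()
    threading.Thread(target=loop, daemon=True).start()

def pump(src, dst):
    """Copy bytes one way until src reaches EOF, then pass the EOF on to dst."""
    try:
        while (chunk := src.recv(4096)):
            dst.sendall(chunk)
        dst.shutdown(socket.SHUT_WR)
    except OSError:
        pass  # the other side already closed

def start_forwarder(target_port):
    """Relay each TCP connection on a new local port to 127.0.0.1:target_port."""
    def handle(client):
        upstream = socket.create_connection(("127.0.0.1", target_port))
        threading.Thread(target=pump, args=(upstream, client), daemon=True).start()
        pump(client, upstream)
    listener, port = listen()
    serve(listener, handle)
    return port

def demo():
    def service(conn):  # constructed "remote service": upper-cases its input
        while (data := conn.recv(4096)):
            conn.sendall(data.upper())
    svc_listener, svc_port = listen()
    serve(svc_listener, service)
    local_port = start_forwarder(svc_port)
    msg = b"hello through the tunnel"
    # The application connects to the forwarder's port, not to the service.
    with socket.create_connection(("127.0.0.1", local_port), timeout=5) as app:
        app.sendall(msg)
        reply = b""
        while len(reply) < len(msg) and (chunk := app.recv(4096)):
            reply += chunk
    return local_port != svc_port, reply
```

A UDP datagram sent to the forwarder's port is never relayed, because the listener is a stream (TCP) socket; a VPN avoids this by carrying whole IP packets through a virtual network interface.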