On Tue, 2025-03-25 at 17:12 +0100, Nicolas George wrote: > Jan Claeys (HE12025-03-25): > > > I should mention that having an internet facing ssh service is > > > usually a very bad idea. The 'better' approach is to have only a > > > VPN exposed and use heavy security on that. Once the VPN link is > > > established you can ssh through the VPN to internal systems.
> > Why do you think SSH is less secure than any other VPN ? > > Why do you think Jan says ssh is less secure than a VPN when Jan is > saying that ssh is less secure than VPN+ssh? Jeremy insinuated that, not me, by saying that having SSH listening publicly is a bad idea, and that “a VPN” listening publicly is somehow safer. As OpenSSH can be used as a VPN (if you want), a statement like that makes very little sense, unless SSH would be somehow less secure than all the other VPN solutions. -- Jan Claeys (please don't CC me when replying to the list)
