this post was submitted on 18 May 2024
19 points (100.0% liked)

linux4noobs

1421 readers
2 users here now

linux4noobs


Noob Friendly, Expert Enabling

Whether you're a seasoned pro or the noobiest of noobs, you've found the right place for Linux support and information. With a dedication to supporting free and open source software, this community aims to ensure Linux fits your needs and works for you. From troubleshooting to tutorials, practical tips, news and more, all aspects of Linux are warmly welcomed. Join a community of like-minded enthusiasts and professionals driving Linux's ongoing evolution.


Seeking Support?

Community Rules

founded 1 year ago
MODERATORS
 

Hello I am wondering if there is increased network/packet security by connecting to a server over ssh through a VPN hosted by that same server as opposed to without first tunneling by VPN. I imagine with or without tunneling through a VPN there would be latency/speed differences too?

you are viewing a single comment's thread
view the rest of the comments
[โ€“] refalo 2 points 7 months ago* (last edited 7 months ago) (1 children)

and hinders surveillance by your internet provider

Yes, but it also shifts all that surveillance capability directly to your vpn provider, of whom many are thought/known to be compromised or otherwise mishandle your data. I would argue VPN providers may even be more appropriately situated/equipped to analyze/hand over your data more easily than your local ISP.

Also, SSH does have some obscure design "issues" that might be applicable depending on your threat model, for example one can check if a user has a certain key on the remote end, if you care about that. There's probably more.

[โ€“] [email protected] 1 points 7 months ago

It's true there's a trust shift; you have to trust someone, even if you're self- hosting your endpoint (unless you also own the hardware the endpoint is running on). The difference is that I can vet my VPN provider, look at third party reviews, and some even get audits... whereas it's been proven that Comcast and Verizon are inserting trackers into your packet data and selling the results.

Can you elaborate a little on why you think a VPN provider is better equipped to analyze or hand over data? On what basis?