As far as I am aware....
IPsec works at the Internet layer while SSH works at the application layer.
SSH is essentially an encrypted telnet session, whereas IPSec selectively encrypts any type of traffic based upon a set of rules that you define.
IPsec provides two ways to protect upper protocols: "traffic" and "tunnel". When protecting connections with SSH, the traffic is tunnelled.
IPsec is transparent to the user, whereas using SSH to protect connections requires some action from the user.
As far as security goes, they can both be configured to use the same keys and encryption algorythms, so there should be no concerns there.
If you are going to be connecting windows clients, IPSec is easy to configure and more to the point, requires little user knowledge.
SSH is handy for a single remote admin connection, rather than a complete VPN solution.
|