SSH vs. OpenVPN, which one is faster?

ssh remote-access openvpn

18,939

Solution 1

I would like to have x forwarding functionality as well. SSH provides me with that however it's a little slow over the internet. Would openvpn perform better?

Any forwarding done over an SSH will be subject to the well known TCP-over-TCP problem. The TCP protocol adds a fair amount of overhead because it is a transactional protocol. Using a UDP tunnel which is the OpenVPN default, will allow you to avoid all the issues with tunneling TCP over TCP.

I really doubt it will help much for a forwarded X11 session though. X11 is extremely sensitive to latency and jitter. No tunneling protocol, even the most efficient can overcome latency or over-saturated Internet links.

Solution 2

SSH vs OpenVPN for Tunneling: As long as you only need one TCP port forwarded, SSH is a much faster choice, because it has less overhead.

Solution 3

Have you tried the -C option in ssh to enable compression? You can also set the compression level in the config file as described in the ssh manual for "CompressionLevel". This should use less bandwidth.

I have no experience with openVPN so unfortunately I can't give you a good comparison. I would think that forwarding X could theoretically go faster since it seems to use a lot local X session code in order to display certain windows instead of painting the whole desktop like with VNC. I don't know for sure though.

I'm assuming your using a command like ssh -C -X [email protected] and starting gui programs from the commandline like /usr/bin/firefox.

If you want to tunnel VNC over your ssh session, you can use ssh port forwarding without having to open any further ports in the firewall. You just need a vnc server on the remote host.

ssh -C -L 4000:localhost:5900 [email protected]

(assuming the vnc server is serving on port 5900)

Then open up a vnc client on your local machine and connect it to localhost:4000

I tested both ssh options on my LAN and X-session forwarding far outperformed any of my local VNC tests. I was able to watch youtube videos from one x-session to the other in half-watchable quality. The sound however still played on the original system.

Solution 4

SSH will connect you to your computer. OpenVPN will connect you to your network. It will make it seem as if you are connected directly to your network. This can sometimes cause extra traffic, for example, if your machine suddenly sees its shared network drives, or network printers, it might start talking to them.

If you just want to have remote desktop control, what about one of the many, many VNC variants, that are light weight in size and traffic. You could open and forward a nonstandard port on your router..

View more solutions

18,939

ageis23

Updated on September 17, 2022

Comments

ageis23 almost 2 years

I need to have remote access to my server. I would like to have X Forwarding functionality as well. SSH provides me with that; however, it's a little slow over the internet. Would OpenVPN perform better? Or is there an alternative that would perform better?
- Olli over 13 years
  
  If possible, you should switch from X forwarding to NX or VNC to speed it up. X forwarding is not bandwidth-wise in any sense.
- Fake Name over 13 years
  
  In my experience, VNC is about as bad as X Forwarding. NX is nice, though.
sinni800 over 13 years

True, a VPN is a much more ... sophisticated solution. If you only want remote desktop you shouldn't open a VPN. Also opening a VPN might affect your normal internet connection and network connection :). (It might start going over the VPN). Now I cant decide if I want to vote up you or Zoredache
Dennis Williamson over 13 years

Welcome to the ranks of the Stack Athletes.
Jeff Widman over 8 years

This SO answer says SSH tunneling doesn't have the TCP-over-TCP problem: serverfault.com/a/653748/180974