SSH tunnel through Anonymous VPN?

Is there any technical issue with using an SSH tunnel via a commercial anonymous VPN?

i.e. does the SSH encryption operate at a higher level in the TCP/IP stack, so that outgoing packets would:

1) first be encrypted by the SSH connection
2) then wrapped in an encrypted packet by the commercial VPN (e.g. Xerobank, SwissVPN)
3) forwarded to the VPN's server, unwrapped, then
4) the SSH encrypted packet is forwarded to its destination

The point is whether the SSH encrypted packet would be readable by the commercial VPN, or whether it would remain encrypted all the way to its ultimate destination (and vice versa on the return route)? I assume that whether this is the case depends on whether SSH encryption takes place prior to the SSL VPN encryption/wrapping?

Thanks for any input.

 

Hello,

SSH works like this:

-Client contacts the server and downloads the public key.
-Client decides to accept the key; if not, the connection is terminated.
-Encryption is established between server and client. The strength of this encryption depends on the length of the key and the encryption algorithm.
-Client must authenticate against the server using a passphrase. The communication is secure. If the client authenticates correctly, the session begins and data transfer can be established.

Additional programs can be run on top of SSH, for example, using stunnel. Other applications incorporate some sort of encryption by using the OpenSSL libraries.

This is the most basic explanation. I can go into super details, the question is, do you need it?

Now, if you type "how ssh works" in google, you'll get plenty of answers.

Another thing you might want to look at is OpenVPN, maybe IPSEC.

Mrk

 

re: ssh, I use remote desktop to connect from work pc (xp) to home pc (vista home premium). Since vista home premium does not have the capability to receive remote logins, I had to make some tweaks.
Would it be better to create a tunnel using a program like putty and connecting to remote desktop that way, or is that not necessary? I guess it comes down to how secure remote desktop is, which I don't know. I've considered using putty to connect to an ssh server (as explained above). Suggestions?

 

Fontaine,

SSH inside VPN is fine. You won't be exposing anything you weren't exposing before to an ISP. As long as the authentication method is secure, no problem.

Think of it like a 10" straw inside a 6" pipe.

 

I appreciate the reply Mrk. I'm kind of a newbie at this, so I should probably go and read up more on the technical distinction between SSH and SSL. Kind of difficult to get your head round
Thanks.

 

Thanks for the reply. I've been toying with SSL-explorer.