From owner-freebsd-questions@FreeBSD.ORG  Tue May  3 14:34:16 2011
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 28CD21065679
	for <freebsd-questions@freebsd.org>;
	Tue,  3 May 2011 14:34:16 +0000 (UTC) (envelope-from mark@msen.com)
Received: from shell.msen.com (msen.com [148.59.86.2])
	by mx1.freebsd.org (Postfix) with ESMTP id E45BD8FC17
	for <freebsd-questions@freebsd.org>;
	Tue,  3 May 2011 14:34:15 +0000 (UTC)
X-Sent-To: <freebsd-questions@freebsd.org>
Received: from [192.168.1.108] (c-68-40-255-141.hsd1.mi.comcast.net
	[68.40.255.141]) (authenticated bits=0)
	by shell.msen.com (8.14.3/8.14.3) with ESMTP id p43EMmJ7009936
	(version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=NOT)
	for <freebsd-questions@freebsd.org>;
	Tue, 3 May 2011 10:22:55 -0400 (EDT) (envelope-from mark@msen.com)
Message-ID: <4DC00FB5.7080306@msen.com>
Date: Tue, 03 May 2011 10:22:45 -0400
From: Mark Moellering <mark@msen.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US;
	rv:1.9.2.17) Gecko/20110414 Lightning/1.0b2 Thunderbird/3.1.10
MIME-Version: 1.0
To: FreeBSD <freebsd-questions@freebsd.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Received-SPF: Pass (sender authenticated); receiver=msen.com;
	client-ip=68.40.255.141; envelope-from=<mark@msen.com>
Received-SPF: Pass (sender authenticated); receiver=msen.com;
	client-ip=68.40.255.141; helo=[192.168.1.108]
X-Milter: Spamilter (Reciever: shell.msen.com; Sender-ip: 68.40.255.141;
	Sender-helo: [192.168.1.108]; )
Subject: OT: Security question (openssl vs openssh)
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 03 May 2011 14:34:16 -0000

Everyone,
I am looking into setting up a webserver to hold some very sensitive 
information.  I am trying to figure out which is more secure, forcing 
any web connections to be done using an ssh tunnel or forcing ssl.
I have not been able to figure out if one is definitively much more 
secure than another or if they are close to the same.  I would have 
initially thought the ssh tunnel was more secure but knowing that ssl 
can use AES-256, I am now wondering if that isn't adding a complexity 
for little extra security.

Thanks in advance

Mark Moellering