On Thu, Dec 6, 2012 at 1:28 PM, Brian Wood <woodbrian77 at gmail.com> wrote: > > I'm working on an on line code generator that's implemented > as a 3-tier system. The data passed between the middle and > back tiers includes files -- > http://webEbenezer.net/build_integration.html > . I'm starting to use tunneling to encrypt the messages between > the back and middle tiers. It would be helpful to see how others > have documented and scripted their use of ssh tunneling with > their service. For a service like this, it's quite likely that IPSec is a better solution. SSH is great for one-off administrative things, when you have control over both ends of the tunnel. For offering services to customers, though, I'd greatly prefer IPSec, likely in transport mode. Using IPSec will enable you to implement access control and routing rules much easier than by using SSH tunnels.