OpenSSH and OpenVPN have nearly identical attack vectors with regard to MITM.
Perhaps in theory, but in practice I would argue otherwise. Why?
Most SSH configurations require key verification and are rarely modified otherwise.
By contrast many OpenVPN configurations, statistically, have MITMable keys, and as they tend to be written from scratch the likelihood of these configurations in the wild is much higher.
With regards to SSH tunnel longevity, try specifying the ServerAliveInterval and ServerAliveCountMax options.
Perhaps in theory, but in practice I would argue otherwise. Why?
Most SSH configurations require key verification and are rarely modified otherwise.
By contrast many OpenVPN configurations, statistically, have MITMable keys, and as they tend to be written from scratch the likelihood of these configurations in the wild is much higher.
With regards to SSH tunnel longevity, try specifying the ServerAliveInterval and ServerAliveCountMax options.