To me, the advantage of SSH is I know I can connect into the machines from anywhere in the world. I'm happy to, if necessary, mess with keys to get this level of access, but I'm not happy to say "I can only connect from this netblock and these two other IPs."
There is another alternative, which seems fairly quaint at first: port knocking. I wasn't convinced of its usefuless to start with, but it's growing on me. Before you can connect to a host, you have to send a specially crafted "knock" sequence, and the receiving host then opens up a specific, short lived firewall rule for you to access your service. The initial description refers to a sequence of SYN probes, but this could just as easily be a packet to a specific port containing a particular sequence of bytes (aka, a password).
When you consider the proliferation of SSL VPN technology (such as OpenVPN) these days, why is a VPN any different to SSH itself? They are both SSL encrypted connections. Running telnet over a SSL VPN sounds exactly like using SSH to me. Why add extra complexity?
They aren't quite the same thing. If you want to run terminal + database + random app + whatever over the public intenet, you could set up multiple SSH port forwards, or you could set up one VPN. We all know this though.