
Why is your ssh even open to the Internet?


Why shouldn't it be? Tunnelling connections through an SSH jump-box is no more or less secure than tunnelling through IPSec VPN.


It depends on how that jump box is configured, audited, etc. Do you know that your users aren't leaving their keys on laptops that don't have drive encryption, don't have passwords on the keys, etc.? Are you forcing 2FA? A lot of these other solutions offer many more deeper enforced protections with better auditing than just an SSH jump box.

I'm also not really a fan of leaving things with a shell connection on the net, again part of configuration. If you can root the SSH server, you could likely root a VPN box.

Also, I guess, I'm sorry, you're not allowed to ask questions on HN anymore. Thanks for the drive-by downvote.
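
Added example, not part of any comment in this thread: a Python check of a jump box's effective `sshd` configuration (the `keyword value` lines that `sshd -T` prints) against the points raised above, namely forced 2FA and auditability. The two sample configurations are constructed, and the set of checks is an assumption about what a well-configured jump box means here.

```python
# Audit `sshd -T`-style output (one "keyword value" pair per line).
# Sample configurations below are constructed for illustration.

AUDIT_LEVELS = ("VERBOSE", "DEBUG", "DEBUG1", "DEBUG2", "DEBUG3")

def parse_effective_config(text):
    """Return {keyword: value}; the first occurrence of a keyword wins."""
    cfg = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        key, _, value = line.partition(" ")
        cfg.setdefault(key.lower(), value.strip())
    return cfg

def audit_jump_box(text):
    """Return a list of findings; an empty list means every check passed."""
    cfg = parse_effective_config(text)
    findings = []
    # AuthenticationMethods holds space-separated alternatives, each a
    # comma-separated chain that must be completed in full. A second factor
    # is forced only if every alternative chains at least two methods.
    # The OpenSSH default, "any", accepts a single method.
    alternatives = cfg.get("authenticationmethods", "any").split()
    if any(len(alt.split(",")) < 2 for alt in alternatives):
        findings.append("2FA not forced: one method alone can complete login")
    if cfg.get("passwordauthentication", "yes") != "no":
        findings.append("password authentication is enabled")
    if cfg.get("permitrootlogin", "prohibit-password") != "no":
        findings.append("direct root login is not fully disabled")
    if cfg.get("loglevel", "INFO").upper() not in AUDIT_LEVELS:
        findings.append("LogLevel below VERBOSE: less login detail to audit")
    return findings

# Constructed sample: close to stock defaults.
WEAK = """port 22
authenticationmethods any
passwordauthentication yes
permitrootlogin prohibit-password
loglevel INFO
"""
# Constructed sample: key plus a PAM-backed second factor, verbose logging.
HARDENED = """port 22
authenticationmethods publickey,keyboard-interactive:pam
passwordauthentication no
permitrootlogin no
loglevel VERBOSE
"""

if __name__ == "__main__":
    for name, sample in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit_jump_box(sample) or "no findings")
```

None of this covers the client-side questions in the comment (unencrypted laptops, keys without passphrases), which the server cannot observe.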



