-1

Assume I have set up public/private key authentication in ssh.

  1. Is it correct that the ssh server possesses the public key but not the private key, while the ssh client possesses both the public and private keys?

  2. How are public and private keys used in communications via ssh protocol?

    • When I on ssh client side initiate a communication by running a command to connect to the ssh server via ssh protocol, is this initial message from me to the server encrypted with the public key or private key?

      When the ssh server receives this initial message, does it use the public key to decrypt the initial message, which sounds very odd because everyone can have the public key and thus can decrypt the initial message?

    • If the command that I sent to connect to the server is to scp some file from the server to my local host, when the ssh server sends out the requested file to me, is the public key used to encrypt the file?

      When ssh client receives the encrypted file, is the private key used to decrypt the file?

    • Are public and private keys used only during authentication, not after authentication finishes?

      If that's correct, is some type of encryption on messages to be sent and decryption on messages received used for the communication between ssh server and client, after authentication?

Thanks.

Improve this question
2
  • Although I can't completely answer the question, I will note that the SSH server itself has a public and private key. When the client initiates a connection, the sever sends its public key to the client, and the client encrypts its messages to the server using the server's public key.
    – saiarcot895
    Commented Jun 15, 2016 at 13:17
  • 1
    SSH handshake process explained
    – jijinp
    Commented Jun 15, 2016 at 13:30

1 Answer 1

Reset to default
3
  1. Is it correct that the ssh server possesses the public key but not the private key, while the ssh client possesses both the public and private keys?

Yes, if you talk about authentication keys. There are also host keys, where the possession is opposite -- server has both and client has only the public key.

  • When I on ssh client side initiate a communication by running a command to connect to the ssh server via ssh protocal, is this initial message from me to the server encrypted with the public key or private key?

No. Initial message is not encrypted. The communication later, after key exchange, is encrypted with keys derived from shared secret (session key), which is a result of DH key exchange (of some kind).

When the ssh server receives this initial message, does it use the public key to decrypt the initial message, which sounds very odd because everyone can have the public key and thus can decrypt the initial message?

Decryption is done using private key (verification of signature is done using public one).

  • If the command that I sent to connect to the server is to scp some file from the server to my local host, when the ssh server sends out the requested file to me, is the public key used to encrypt the file?

No, as in the previous. The file (whole session) is encrypted by the "session key"

When ssh client receives the encrypted file, is the private key used to decrypt the file?

No and no.

  • Are public and private keys used only during authentication, not after authentication finishes?

Yes

If that's correct, is some type of encryption on messages to be sent and decryption on messages received used for the communication between ssh server and client, after authentication?

Not sure what is meant by this question. The session is encrypted with symmetric cipher (usually AES) with secret key gained from the key exchange above.

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.