What exactly does ssh send when performing key negotiation?
Solution 1:
in order to connect to an SSH server and authenticate with your public/private keypair you have to first share your public key with the server.
this is done by copying the public key for your private key to the server, and adding it to ~/ssh/authorized_keys
either by copy/paste, copying id_rsa.pub
to ~/.ssh/authorized_keys
on the server or with cat id_rsa.pub >> ~/.ssh/authorized_keys
, appending it to the list.
when you connect, the server uses your public key to sign a challenge, and your client uses your private key id_rsa
to decrypt the challenge, re-encrypt it with the server's public host key
and send it back.
the host verifies that you decrypted the challenge properly, by decrypting your response with its private key, and the client/host establish an encrypted connection, based on the shared data, not on your public/private keys.
at NO POINT in the exchange is your private key, or the host's private key exchanged or revealed to one another. your public key IS stored on the server, but that's why it is a PUBLIC key.
Solution 2:
Public/Private Key Cryptography is based on a very simple system:
You have a public key that is capable of doing one-way encryption, and a private key that is capable of decryption. The public key can then be given to everyone in the world, and no one will be able to decrypt your encrypted data, though they WILL be able to encrypt data that you can decrypt with your private key.
So the answer to your question is, "Your public key."
Solution 3:
I don't think it should actually be sending the public or private key at this time. An encryption should be performed by the client using the private key on plaintext that is already known to the server. The host can decrypt this message using the public key, knowing that the only one that could have encrypted it properly is a client that holds the corresponding private key, thus authenticating the client.
I believe it says Offering public key: ./id_rsa
because it uses the private key (stored in ./id_rsa
) to perform an encryption on plaintext that is known by the server and then the server will use the public key to decrypt this ciphertext and confirm that it matches the plaintext. The public key file ./id_rsa.pub
should never be needed by the client after the initial key generation. This is only used by the server for decryption.