What exactly does ssh send when performing key negotiation?

ssh

Solution 1:

in order to connect to an SSH server and authenticate with your public/private keypair you have to first share your public key with the server.

this is done by copying the public key for your private key to the server, and adding it to ~/ssh/authorized_keys either by copy/paste, copying id_rsa.pub to ~/.ssh/authorized_keys on the server or with cat id_rsa.pub >> ~/.ssh/authorized_keys, appending it to the list.

when you connect, the server uses your public key to sign a challenge, and your client uses your private key id_rsa to decrypt the challenge, re-encrypt it with the server's public host key and send it back.

the host verifies that you decrypted the challenge properly, by decrypting your response with its private key, and the client/host establish an encrypted connection, based on the shared data, not on your public/private keys.

at NO POINT in the exchange is your private key, or the host's private key exchanged or revealed to one another. your public key IS stored on the server, but that's why it is a PUBLIC key.

Solution 2:

Public/Private Key Cryptography is based on a very simple system:

You have a public key that is capable of doing one-way encryption, and a private key that is capable of decryption. The public key can then be given to everyone in the world, and no one will be able to decrypt your encrypted data, though they WILL be able to encrypt data that you can decrypt with your private key.

So the answer to your question is, "Your public key."

Solution 3:

I don't think it should actually be sending the public or private key at this time. An encryption should be performed by the client using the private key on plaintext that is already known to the server. The host can decrypt this message using the public key, knowing that the only one that could have encrypted it properly is a client that holds the corresponding private key, thus authenticating the client.

I believe it says Offering public key: ./id_rsa because it uses the private key (stored in ./id_rsa) to perform an encryption on plaintext that is known by the server and then the server will use the public key to decrypt this ciphertext and confirm that it matches the plaintext. The public key file ./id_rsa.pub should never be needed by the client after the initial key generation. This is only used by the server for decryption.

Related

Nginx redirect from old domain to new with ssl
Is SSH logging capabilities equivalent to su logging for private/public key authentication?
How can I test if my apache server is an open proxy?
AWS NAT vs AWS IGW vs AWS Router
Issues with patching servers remotely using winrm and Microsoft.Update.Session
curl: (35) SSL connect error
How to setup an Intranet site and a FREE alternative to Sharepoint
Find (and kill) old processes
Best practices for choosing fs block size on ext3/4?
Temporary failure in name resolution
Jenkins: Trying to add a dumb slave but the option is missing, any idea how to add it?
CentOS How Much SWAP for 16GB of RAM?