As far as I know about SSH authentication, and according to many explanations with Alice and Bob, there are several important steps:
- The client creates a pair of public / private keys and publishes the public key on the server.
- When the server receives a public key authentication request, it generates random data, encrypts it using the client’s public key, and sends it to the client.
- The client decrypts this data using the private key and sends it as authentication.
I hope that some of you will help me understand how the GitHub server then knows which public key to choose in step 2 when I clone an arbitrary repository using SSH. It has millions of public user keys to choose from. And the user could install several private keys on his computer.
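In SSH-2 public key authentication (RFC 4252, section 7) the client's request itself carries the public key it is offering, so the server checks that one key rather than searching its whole key store. The sketch below is an added example, not part of the original post and not GitHub's code; the registry, the account name and the key bytes are constructed, and the function names are hypothetical.

```python
import base64, hashlib, struct

SSH_MSG_USERAUTH_REQUEST = 50  # message number from RFC 4250

def ssh_string(data: bytes) -> bytes:
    """SSH 'string' encoding: uint32 big-endian length, then the bytes."""
    return struct.pack(">I", len(data)) + data

def build_key_query(user: str, algo: bytes, key_blob: bytes) -> bytes:
    """Client side: ask 'would you accept this key?' (no signature yet)."""
    return (bytes([SSH_MSG_USERAUTH_REQUEST]) + ssh_string(user.encode())
            + ssh_string(b"ssh-connection") + ssh_string(b"publickey")
            + b"\x00" + ssh_string(algo) + ssh_string(key_blob))

def parse_key_query(packet: bytes) -> dict:
    """Server side: pull the offered key out of the request, bounds-checked."""
    if not packet or packet[0] != SSH_MSG_USERAUTH_REQUEST:
        raise ValueError("not SSH_MSG_USERAUTH_REQUEST")
    pos, fields = 1, []
    for name in ("user", "service", "method", "flag", "algo", "key_blob"):
        if name == "flag":  # single boolean byte: is a signature attached?
            if pos >= len(packet):
                raise ValueError("truncated packet")
            fields.append(packet[pos] != 0)
            pos += 1
            continue
        if pos + 4 > len(packet):
            raise ValueError("truncated packet")
        (length,) = struct.unpack_from(">I", packet, pos)
        if pos + 4 + length > len(packet):
            raise ValueError("string runs past end of packet")
        fields.append(packet[pos + 4:pos + 4 + length])
        pos += 4 + length
    req = dict(zip(("user", "service", "method", "has_sig", "algo", "key_blob"), fields))
    if req["method"] != b"publickey":
        raise ValueError("not a publickey request")
    return req

def fingerprint(key_blob: bytes) -> str:
    """OpenSSH-style SHA256 fingerprint of a public key blob."""
    digest = hashlib.sha256(key_blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def account_for(packet: bytes, registry: dict):
    """One indexed lookup on the offered key; None means 'key not known'."""
    return registry.get(fingerprint(parse_key_query(packet)["key_blob"]))

# Constructed sample data: placeholder bytes shaped like Ed25519 blobs, not real keys.
ALICE_KEY = ssh_string(b"ssh-ed25519") + ssh_string(bytes(range(32)))
OTHER_KEY = ssh_string(b"ssh-ed25519") + ssh_string(bytes(range(32, 64)))
REGISTRY = {fingerprint(ALICE_KEY): "alice"}  # hypothetical fingerprint -> account index
```

A client holding several private keys sends one such query per key until the server accepts one, and only then signs with the matching private key.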