Subject: Re: Newbie Question on Private Key

Re: Newbie Question on Private Key

From: John-Mark Gurney <>
Date: Mon, 28 Dec 2020 14:08:59 -0800

Scott Weber wrote this message on Mon, Dec 28, 2020 at 09:15 -0600:
> First correct me if I'm wrong, but the protocol seems to use a PKI, but not
> certificates. So the public/private exchange is used to generate the
> symmetric key, like SSL, but there is no requirement for a CA.

Correct, the host has a public/private key pair, and the user MAY have
a key pair for authentication as well...

> Now connecting as a client, the
> function libssh2_userauth_publickey_fromfile(...)
> requires BOTH the public and private key.
> Why?
> Having both keys out in the wild seems to be a serious security risk.

This is the user's key... The key maybe encrypted, which is why the
passphrase is an argument. If the client doesn't have access to the
user's private key, it cannot sign a statement that the server uses to
verify the public key in .ssh/authorized_keys file...

Note: there is a mode that allows a CA to sign certs that can be used,
but it is not commonly used, but does have some interesting improvements
security wise.

> Also, I've done some testing, and it appears that only the private key is
> needed. I can NULL out the public key. (and yet the function name is "
> ... publickey_fromfile" )
> Again, why?

Also, I'm looking at the man page, and I believe that this doc is wrong
(from docs/libssh2_userauth_password_ex.3):
       publickey - Path name of the public key file. (e.g.
       /etc/ssh/ If libssh2 is built against OpenSSL, this option
       can be set to NULL.

       privatekey - Path name of the private key file. (e.g. /etc/ssh/hostkey)

those e.g. should be ~/.ssh/ and ~/.ssh/id_rsa.. Though it
could be other names as well..

The likely reason the public key can be NULL'd out is that the private key
either contains the public key, or the public key can easily be derived
from the private key (and it is often safest to do so)...

> I have both keys also on the linux server, but it appears (via the conf)
> that the server only uses the public key.
> It would seem that putting the public key "out in the wild" and keeping the
> private key on the server is the normal step, at least when creating SSL
> handshakes.

I think you may have been confused by the above docs, but you are correct
that the host private key should NOT be used, and even if you did, it
would not work...

> Would it function if I placed the private key in the authorized_keys file
> on the server, and used the public key on the client?

No, it would not.

Hope this helps.

  John-Mark Gurney				Voice: +1 415 225 5579
     "All that I will do, has been done, All that I have, has not."
Received on 2020-12-28