briefly and selectively, referring only to the files mentioned:
- the server tells the client its rsa public key ( /etc/ssh/ssh_host_rsa_key.pub )
- the client checks it against the corresponding line in ~/.ssh/known_hosts
- the client tells the server the public key key.pub (however, if this file is missing, everything needed can be extracted from the key file - see below)
- the server checks it sequentially against all the lines in ~/.ssh/authorized_keys
note.
We locally have two keys: key , key.pub
judging by the file names, it’s about one rsa key, not two.
in the second file, really, only the pair {e,n} is stored (using the example terminology in the wikipedia article about rsa ), and in the first file, both e and n and d are stored, that is, formally speaking, not only the secret key, but also the public key. therefore, the key.pub file is easy to restore, having only the key file, and the pair {e,n} is stored in a separate file, as far as I understand, only for the convenience of the user.
for illustration, here are the key parts of the file:
```
$ openssl rsa -in key -text -noout | sed '/^ /d'
Private-Key: (2048 bit)
modulus:
publicExponent: 65537 (0x10001)
privateExponent:
prime1:
prime2:
exponent1:
exponent2:
coefficient:
```
and here are the components of the key.pub file (well, only saved under the name key.pem in a format understood by the openssl program):
```
$ openssl rsa -in key.pem -text -pubin -noout | sed '/^ /d'
Public-Key: (2048 bit)
Modulus:
Exponent: 65537 (0x10001)
```
It can be seen that the key.pub file, as befits a public key, contains two components: e ( exponent ) and n ( modulus ).
and in the key file, as in Greece, “there is everything”: not only the pair n ( modulus ) and d (as far as I understand the difference in terminology, is publicexponent ), but also the same e ( publicexponent ), and many other things.
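An added example, not part of the original answer: it decodes an `ssh-rsa` line of the kind stored in key.pub to show that it carries only the pair {e,n}, then compares an offered key with each line of an authorized_keys text in turn. The toy modulus values, comments and helper names are constructed for illustration, and lines carrying an options prefix are skipped for brevity.

```python
import base64
import struct

def _read_string(blob, pos):
    """Read one length-prefixed field: uint32 big-endian length, then the bytes."""
    if pos + 4 > len(blob):
        raise ValueError("truncated key blob")
    (length,) = struct.unpack_from(">I", blob, pos)
    end = pos + 4 + length
    if end > len(blob):
        raise ValueError("truncated key blob")
    return blob[pos + 4:end], end

def parse_rsa_pub(line):
    """Return (e, n) from one 'ssh-rsa <base64> [comment]' line."""
    fields = line.split()
    if len(fields) < 2 or fields[0] != "ssh-rsa":
        raise ValueError("not an ssh-rsa public key line")
    blob = base64.b64decode(fields[1], validate=True)
    key_type, pos = _read_string(blob, 0)
    e_raw, pos = _read_string(blob, pos)
    n_raw, pos = _read_string(blob, pos)
    if key_type != b"ssh-rsa" or pos != len(blob):
        raise ValueError("unexpected key blob layout")
    return int.from_bytes(e_raw, "big"), int.from_bytes(n_raw, "big")

def _field(raw):
    return struct.pack(">I", len(raw)) + raw

def make_rsa_pub(e, n, comment):
    """Build a key.pub-style line; the extra byte keeps each integer non-negative."""
    ints = [v.to_bytes(v.bit_length() // 8 + 1, "big") for v in (e, n)]
    blob = b"".join(_field(f) for f in [b"ssh-rsa"] + ints)
    return "ssh-rsa " + base64.b64encode(blob).decode() + " " + comment

def is_authorized(offered_line, authorized_keys_text):
    """Compare the offered key with every authorized_keys line, one after another."""
    offered = parse_rsa_pub(offered_line)
    for line in authorized_keys_text.splitlines():
        try:
            if parse_rsa_pub(line) == offered:
                return True
        except ValueError:
            continue  # blank line, comment, other key type or options prefix
    return False

# Constructed sample data: toy moduli, far too small for real use.
KEY_PUB = make_rsa_pub(65537, 3233, "user@example")
OTHER_PUB = make_rsa_pub(65537, 3127, "other@example")
AUTHORIZED_KEYS = "# constructed sample\n" + OTHER_PUB + "\n" + KEY_PUB + "\n"
```

The comparison ignores the trailing comment, so the same {e,n} under a different comment still matches.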