I need some basics about SSH, to help me understand the process of SSH connecting.
I have Ubuntu server on my virtualbox and Ubuntu desktop on my host. I've established connection with my VM by adding id_rsa.pub to authorized_keys on the remote (added by ssh-copy-id). id_rsa.pub is generated by ssh-keygen as well as id_rsa.
I successfully connect to my remote without typing the password, but I don't understand when exactly and why need the file id_rsa which is stored along to id_rsa.pub?
I tried to delete this private key, but in spite of this the connection still works! In my mind, this file doesn't need to establish connection with my VM.
To "explore" how
sshis working, you can use theverboseflags. For example,will give information on the handshake. You can use multiple
v, with a maximum of three, to have even more debugging info:Nevertheless, the link of the wikipedia page posted by @darent is worth reading to understand the asymmetric key encryption. A lot of useful links on the details can be found in this question on SuperUser.
Let me try to explain this with an example. Suppose I trust you and want you to SSH into my computer and do something. I can tell you my password or you can give me your public key.
If you give me your public key, when you try to log into my computer, your SSH client will use your private key to generate the encrypted authentication request at your end and send it to my computer. My computer will use your public key to decrypt the encrypted authentication request and thus authenticate that it is you and not someone else trying to break into my computer.
Note: The private-public key pair is not used to encrypt the transmission between two computers. So once the connection is established the keys are not needed until the connection is terminated and a new connection is attempted. SSH has its own internal data encryption system in place that does not depend on the private-public key pair.
So, by accepting your public key, I have trusted you to enter my computer. If you ever break my trust I will delete your public key from my computer. Then you will not be able to SSH into my computer any more.
If you give your private key to someone else (or if someone steals it) then that person will be able to pretend to be you. If I find out that you have given your private key to someone else, I will delete your public key from my computer. Then neither you nor the other person will be able to SSH into my computer.
The public key you gave me is useless if I try to SSH into your computer, as it only good for decrypting information you generate with your private key. If you want me to SSH into your computer, you will have to put my public key in the right place in your computer.
Ubuntu stores your private keys in password management software called Password and Encryption Keys:
Note, the middle tab My Personal Keys. This to protect your private key from being stolen (and from accidentally deleting your private key).
Here is more information about the Seahorse password manager.
Hope this helps
You are not supposed to manually "use" your private key. The public/private cryptography is based in using two keys, one that goes public and another that stays in your computer, the private one.
Whenever somebody has to send you an encrypted message, or you have to use authentication, like SSH does, it will use the public key to encrypt the data. Once you get the data, the only key that can decrypt them is the private one.
Think of it as if you had two keys: Whatever is locked with one key, can only be unlocked with the opposite. So don't delete your private key because that would render the public one useless.
If you want to learn more you can check this link to Wikipedia, it has a good explanation about asymmetric key encryption.
Do you mean you deleted the private key on the server? If that's the case it's only used when sshing FROM that server. It would have no impact on sshing TO that server.