As far as I know about SSH authentication, and according to many explanations with Alice and Bob, there are some major steps:
I hope some of you can help me understand how the GitHub server then knows which public key to pick in step 2 when I clone an arbitrary repository over the SSH protocol. It has millions of user public keys to choose from. And a user could have installed a number of private keys on his machine.
The protocol is a bit more involved than you think. The manpage describes that the client tells the server which key it wants to use:
The file ~/.ssh/authorized_keys lists the public keys that are permitted for logging in. When the user logs in, the ssh program tells the server which key pair it would like to use for authentication. The client proves that it has access to the private key and the server checks that the corresponding public key is authorized to accept the account.
The relevant SSH RFC details that the client actually sends the whole public key with an SSH_MSG_USERAUTH_REQUEST request.
With the public key, GitHub should be able to look up the corresponding user in the majority of cases. I don't know what happens when two accounts share a key, though.
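The lookup described in the answer above, as an added example that is not part of the original answer and is not GitHub's code: it builds and parses the RFC 4252 publickey form of SSH_MSG_USERAUTH_REQUEST and resolves the offered key blob to an account by exact match. The fingerprint index, the account names and the key bytes are constructed assumptions.

```python
import base64, hashlib, struct

SSH_MSG_USERAUTH_REQUEST = 50  # message number from RFC 4252

def ssh_string(data: bytes) -> bytes:
    """RFC 4251 'string': uint32 big-endian length, then the bytes."""
    return struct.pack(">I", len(data)) + data

def read_string(buf: bytes, off: int):
    """Read one length-prefixed field; reject lengths that overrun the packet."""
    if off + 4 > len(buf):
        raise ValueError("truncated length field")
    end = off + 4 + struct.unpack_from(">I", buf, off)[0]
    if end > len(buf):
        raise ValueError("truncated string field")
    return buf[off + 4:end], end

def build_query(user: bytes, algo: bytes, blob: bytes) -> bytes:
    """Client side: 'would this key be acceptable?' (boolean FALSE, no signature yet)."""
    return (bytes([SSH_MSG_USERAUTH_REQUEST]) + ssh_string(user)
            + ssh_string(b"ssh-connection") + ssh_string(b"publickey")
            + b"\x00" + ssh_string(algo) + ssh_string(blob))

def parse_request(payload: bytes) -> dict:
    if not payload or payload[0] != SSH_MSG_USERAUTH_REQUEST:
        raise ValueError("not SSH_MSG_USERAUTH_REQUEST")
    user, off = read_string(payload, 1)
    _service, off = read_string(payload, off)
    method, off = read_string(payload, off)
    if method != b"publickey" or off >= len(payload):
        raise ValueError("not a complete publickey request")
    has_sig = payload[off] != 0
    algo, off = read_string(payload, off + 1)
    blob, off = read_string(payload, off)
    return {"user": user, "algo": algo, "blob": blob, "has_signature": has_sig}

def fingerprint(blob: bytes) -> str:
    """OpenSSH-style SHA256 fingerprint: unpadded base64 of the blob's digest."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def lookup_account(index: dict, payload: bytes):
    """Server side: exact-match lookup on the offered key; None means reject."""
    return index.get(fingerprint(parse_request(payload)["blob"]))

def sample_blob(fill: int) -> bytes:
    """Constructed ssh-ed25519 key blob with dummy key bytes (not a real key)."""
    return ssh_string(b"ssh-ed25519") + ssh_string(bytes([fill]) * 32)

ALICE, BOB, UNKNOWN = sample_blob(0xA1), sample_blob(0xB0), sample_blob(0xCC)
INDEX = {fingerprint(ALICE): "alice", fingerprint(BOB): "bob"}  # hypothetical accounts
```

A real server accepts the login only after the client repeats the request with the boolean set to TRUE and a signature that verifies against the same key blob; the lookup alone proves nothing about possession of the private key.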