SSH keypair basics

SSH supports username:password based authentication as well as key based authentication. It uses asymmetric encryption, that is, public and private keys both are used.

Key Pair:

• A public key that is copied to the SSH server(s). Anyone with a copy of the public key can encrypt data which can then only be read by the person who holds the corresponding private key. Once an SSH server receives a public key from a user and considers the key trustworthy, the server marks the key as authorized in its authorized_keys file. Such keys are called authorized keys.

• A private key that remains (only) with the user. The possession of this key is proof of the user's identity. Only a user in possession of a private key that corresponds to the public key at the server will be able to authenticate successfully. The private keys need to be stored and handled carefully, and no copies of the private key should be distributed. The private keys used for user authentication are called identity keys. (generally, id_rsa name)

Generating:

ssh-keygen -t rsa -b 4096

^ this generates 4096 bit RSA key pair. Then you give the private key to trusted user and save public key in your authorized_keys file. This way user will be able to SSH onto your machine using private key and the command:

ssh -i id_rsa username@server_ip

Refer this article here to see how SSH key pair allowed privilege escalation in the CTF tryhackme:overpass3