Your private key is aptly named “private” because it should never be shared with others. The key intended for distribution is also aptly named the “public” key. You cannot encrypt the data with a private key.
Is private key machine specific?
Yes, that’s perfectly legitimate. ssh keys don’t care where they were generated, and it’s fine to have them on multiple machines at once. Try giving the ssh client the “-v” or “-vv” option (for verbose output) and check the server’s ssh log to debug the problem.
How to securely share key between two remote devices?
The Client generates a (random) shared key using some (presumed) good IV and strong pseudo-random algorithm suitable for symmetric encryption (e.g. AES). The Client generates a payload in which the Client (sender) is identified, associated with its public-key on the server (receiver) side.
Now both the Client and the Server know the shared key. At this point, the Client and the Server can both use the shared key for further communication. At some point the session is over and the shared key is disposed. Every session requires a new shared key.
Just place the public key in the remote machine’s ~/.ssh/authorized_keys file for passwordless entry. Don’t share the private key though. The keys are just for authentication. You can log on as many times as you wish with the same key, so long as you can log on with that private key once.
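An added example, not code from the answer above: a POSIX shell function that puts a public key line into an account's ~/.ssh/authorized_keys the way the answer describes, skipping keys that are already present and setting the permissions sshd's StrictModes expects. It assumes a caller-supplied home directory, OpenSSH key lines of type ssh-ed25519, ssh-rsa or ecdsa-sha2-*, and `ls -ld` mode strings in the usual `drwx------` form.

```shell
#!/bin/sh
# install_pubkey HOME_DIR PUBKEY_LINE -> prints "added" or "already present"
# Only the public key is ever written here; the private key stays on the client.
install_pubkey() {
    home="$1"; pubkey="$2"
    sshdir="$home/.ssh"
    authfile="$sshdir/authorized_keys"
    # Accept only lines that look like an OpenSSH public key (type, blob, comment).
    case "$pubkey" in
        ssh-ed25519\ *|ssh-rsa\ *|ecdsa-sha2-*\ *) ;;
        *) echo "refusing to install: not an OpenSSH public key line" >&2; return 1 ;;
    esac
    # sshd (StrictModes yes) rejects group/world-writable .ssh or authorized_keys.
    mkdir -p "$sshdir" && chmod 700 "$sshdir"
    touch "$authfile" && chmod 600 "$authfile"
    # Compare on type+blob only, so a different comment does not create a duplicate.
    blob=$(printf '%s\n' "$pubkey" | awk '{print $1" "$2}')
    if awk '{print $1" "$2}' "$authfile" | grep -qxF "$blob"; then
        echo "already present"
        return 0
    fi
    printf '%s\n' "$pubkey" >> "$authfile"
    echo "added"
}

# count_keys HOME_DIR -> number of non-empty lines in authorized_keys
count_keys() { grep -c . "$1/.ssh/authorized_keys"; }

# check_perms HOME_DIR -> exit 0 if .ssh is 0700 and authorized_keys is 0600
check_perms() {
    [ "$(ls -ld "$1/.ssh" | cut -c1-10)" = "drwx------" ] &&
    [ "$(ls -l "$1/.ssh/authorized_keys" | cut -c1-10)" = "-rw-------" ]
}
```

Running it twice for the same key is safe, which is what makes it usable from a provisioning script that may be re-applied.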
What happens when you copy a private key to a new system?
Every time you copy your private key to a new system, you increase your risk of exposure because copied private keys are less secure than the weakest system they live on (because the other systems aren’t invulnerable either). If your laptop gets stolen, you need to revoke all private keys (and saved passwords) that were stored there.