ssh

Is the ssh public-private key pair only for authentication?


I just wanted to gain clarity on my understanding of ssh communication. Are these keys needed only for authentication of an ssh session, or are they also needed for data encryption of the session messages between a user machine and the ssh server? If so, then only the response messages are encrypted (the ones which the user receives), because the ssh server holds the public key and can only encrypt data, but cannot decrypt. I.e., since the user machine holds the public and private keys, it can decrypt received and encrypt sent messages. But the ssh server can only encrypt, so it is supposed to receive raw messages rather than encrypted ones. Am I right, or is there any other encryption method that covers the transfer of messages from the user machine to the ssh server? I guess that there is another public-private pair which is transferred automatically so that the communication is entirely encrypted.

User machine -> can encrypt, can decrypt (can read encrypted messages)
SSH server   -> can encrypt (cannot read encrypted messages)

Solution

  • Asymmetric keypairs (the public and private keys) have several uses in an active SSH session:

    1. Initial authentication
    2. Packet signatures
    3. Generating the ephemeral symmetric key used to encrypt the content in transit (if the key exchange algorithm is Diffie-Hellman or elliptic Diffie-Hellman)

    The first two (authn and packet signing) rely on the bidirectional nature of the asymmetric keypair: anything encrypted with one key (public or private) can only be reasonably decrypted with the other key. If you trust that I'm handling my private key securely, and that the public key you have is really mine, and that the keys and algorithm are strong enough, then you can therefore trust the following:
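Point 3 above (the ephemeral symmetric key that comes out of the Diffie-Hellman exchange), worked through in stdlib Python as an added example that is not code from the answer's author: both sides compute the same secret, so traffic in both directions is encrypted with symmetric keys. The toy group parameters, the simplified exchange hash and the XOR stream cipher are assumptions standing in for SSH's real primitives.

```python
import hashlib
import secrets

# Toy DH group (assumption: a Mersenne prime and generator 3, not a real SSH group).
P = 2**127 - 1
G = 3
NBYTES = 16  # every value mod P fits in 16 bytes


def dh_keypair():
    """Ephemeral DH keypair: private exponent x and public value g^x mod p."""
    x = secrets.randbelow(P - 2) + 1
    return x, pow(G, x, P)


def shared_secret(my_private, peer_public):
    """K = peer_public^my_private mod p; both peers arrive at the same K."""
    return pow(peer_public, my_private, P)


def derive_key(K, H, letter):
    """Per-direction key, simplified from RFC 4253 7.2 (HASH(K || H || letter || session_id))."""
    return hashlib.sha256(K.to_bytes(NBYTES, "big") + H + letter).digest()


def xor_stream(key, data):
    """Toy symmetric stream cipher: XOR with a SHA-256 counter keystream (same call encrypts and decrypts)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + (i // 32).to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


def ssh_session(client_msg, server_msg):
    """Run the exchange, then send one encrypted message in each direction."""
    c_priv, c_pub = dh_keypair()   # client's ephemeral keypair
    s_priv, s_pub = dh_keypair()   # server's ephemeral keypair
    K_client = shared_secret(c_priv, s_pub)
    K_server = shared_secret(s_priv, c_pub)
    # Exchange hash over the public values (real SSH also hashes version strings, KEXINIT payloads and the host key).
    H = hashlib.sha256(c_pub.to_bytes(NBYTES, "big") + s_pub.to_bytes(NBYTES, "big")).digest()
    # Client encrypts with the client-to-server key; the server decrypts with its own copy of that key.
    c2s_wire = xor_stream(derive_key(K_client, H, b"C"), client_msg)
    at_server = xor_stream(derive_key(K_server, H, b"C"), c2s_wire)
    # Server encrypts with the server-to-client key; the client decrypts with its own copy.
    s2c_wire = xor_stream(derive_key(K_server, H, b"D"), server_msg)
    at_client = xor_stream(derive_key(K_client, H, b"D"), s2c_wire)
    return {"same_secret": K_client == K_server, "at_server": at_server,
            "at_client": at_client, "c2s_wire": c2s_wire}
```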