SFTP has an option "-i" to set the private key to use for public key authentication. However, there does not appear to be an option for which matching public key to use. Surely it must need this to tell the server which public key to use for the challenge.
Why is this and how does it work?
First the file for the 'private' key contains all parts of your key. Both the public and private parts. If delete the local copy of your public key you can simply re-create it from the file that contains the private key. You can see everything for a RSA key with openssl rsa -in filename.id_rsa -text. So you never really need to identify the 'public' portion of a keypair when you have the private key. The private key has all the information.
As for the server authenticating the client. The server isn't encrypting something against the public keys. It is happening the other way. The client sends some information with a signature signed by the private key. The server can verify this using the public keys that it knows about.
https://www.rfc-editor.org/rfc/rfc4252
To perform actual authentication, the client MAY then send a
signature generated using the private key. The client MAY send the
signature directly without first verifying whether the key is
acceptable. The signature is sent using the following packet:
byte SSH_MSG_USERAUTH_REQUEST
string user name
string service name
string "publickey"
boolean TRUE
string public key algorithm name
string public key to be used for authentication
string signature
The value of 'signature' is a signature by the corresponding private
key over the following data, in the following order:
string session identifier
byte SSH_MSG_USERAUTH_REQUEST
string user name
string service name
string "publickey"
boolean TRUE
string public key algorithm name
string public key to be used for authentication
The public key to use is set in the authorized_keys file for the user account on the server to which you connect. It is not set in the client.
is a good read for how this works.
