When I encrypt a message with the public key, can I read it with the same public key

First thing after establishing the TCP connection, both systems agree on a session key, using such protocols as DH key exchange, ECDH or GSSAPI. This key is symmetric and temporary – both sides use the same key to encrypt and decrypt data using such algorithms as AES or RC4.

The client keypair is never used for encrypting data, only for authentication – "publickey" is one of several available methods, where the client presents its own public key along with proof of private-key ownership. Similarly, the server keypair is only used for authenticating the server during DH or ECDH key exchanges; no data is encrypted using it.

The SSH2 protocol is documented in several RFCs, including:

• RFC 4253 – Secure Shell (SSH) Transport Layer Protocol
  • section 7 – "Key Exchange"
  • section 8 – "Diffie-Hellman Key Exchange"
• RFC 4419 – Diffie-Hellman Group Exchange
• RFC 4432 – RSA Key Exchange
• RFC 4462 – GSSAPI Authentication & Key Exchange

It's possible to convert your ssh public key to PEM format(that 'openssl rsautl' can read it):

Example:

ssh-keygen -f ~/.ssh/id_rsa.pub -e -m PKCS8 > id_rsa.pem.pub

Assuming 'myMessage.txt' is your message which should be public-key encrypted.

Then just encrypt your message with openssl rsautl and your converted PEM public-key as you would normally do:

openssl rsautl -encrypt -pubin -inkey id_rsa.pem.pub -ssl -in myMessage.txt -out myEncryptedMessage.txt

The result is your encrypted message in 'myEncryptedMessage.txt'

To test your work to decrypt the with Alice' private key:

openssl rsautl -decrypt -inkey ~/.ssh/id_rsa -in myEncryptedMessage.txt -out myDecryptedMessage.txt