ssh 密钥登录的时候，服务端是怎么判断客户端是 authorized_keys 文件里的哪一个公钥的？

一直以为在 session key 生成后，客户机用 session key 加密传给服务机的是客户机公钥，然后服务机 session key 解密后得到公钥，比对服务机里的~/.ssh/authorized_keys 里的公钥，找到就用它加密随机数给客户机，客户机再用自身私钥解密得到随机数，最后用 session key 加密传回服务机，完成比对即可密钥登录。

基于上面的理解，一直用 secureCRT 登录的时候用的 identity.pub （指定文件）。但今天突然发现,指定文件填 identity(私钥，不带.pub)就可以登录， identity.pub 删掉也没事。

所以 session key 生成后，客户机传给服务机的是什么？

google 了一下： https://www.digitalocean.com/community/tutorials/understanding-the-ssh-encryption-and-connection-process 这篇文章有描述这个过程。

里面的部分描述：在 session key （会话密钥）生成后
1.The client begins by sending an ID for the key pair it would like to authenticate with to the server.
2.The server check's the authorized_keys file of the account that the client is attempting to log into for the key ID.
3.If a public key with matching ID is found in the file, the server generates a random number and uses the public key to encrypt the number.
4.The server sends the client this encrypted message.
5.If the client actually has the associated private key, it will be able to decrypt the message using that key, revealing the original number.
6.The client combines the decrypted number with the shared session key that is being used to encrypt the communication, and calculates the MD5 hash of this value.
7.The client then sends this MD5 hash back to the server as an answer to the encrypted number message.
8.The server uses the same shared session key and the original number that it sent to the client to calculate the MD5 value on its own. It compares its own calculation to the one that the client sent back. If these two values match, it proves that the client was in possession of the private key and the client is authenticated.

步骤 1 的 sending an ID for the key pair.这个 ID 指的啥？欲登录的用户名？如果是欲登录用户名，那 authorized_keys 文件里存在多个这个用户名的情况呢？

所以服务端到底是怎么判断客户端是 authorized_keys 文件里的哪一个公钥的？