I was doing a refresher on web application security recently and also asked myself the same question, and became pretty annoyed while trying to understand the answer because even the literature itself seems to mix the mathematical theory with real life implementations.
The top-voted answer explains at length but for some reason fails to state it plainly, so I'd like to make a small addition for any applications developer that stumbles upon this. It's obvious enough that we should not use private and shared keys interchangeably, as their names suggest. The question here is: the literature definition of private and public key pairs states that:
Only the private key can decrypt a message encrypted with the public key
Only the public key can decrypt a message encrypted with the private key
Why then, can't one be used in place of the other? Which is a completely legitimate question if you take real-world application out of the question, which literature also often tends to do.
The simple answer pertains to the actual implementations of the exchange algorithm in question, i.e. RSA, and is that the public key can be extracted from the private key contents.
The reason for that is when generating a private key file with RSA using pretty much any known tool in actual practice, the resulting file contains both exponents, and therefore, both keys. In fact, when using the `openssl` or `ssh-keygen` tool, the public key can be re-extracted from the original private key contents at any time: https://stackoverflow.com/a/5246045
Conceptually, neither of the exponents is mathematically "private" or "public"; those are just labels assigned upon creation and could easily be assigned in reverse, and deriving one exponent from the other is an equivalent problem from both perspectives. In that sense
Tl;dr *private keys and shared keys are not interchangeable and you must be a good boy and host your private key only on the server/entity that needs to be authenticated by someone else*, and it's equally important to tell you that you should wear a seatbelt while driving your car. The reason why is because generally the private key contents hold information for both keys, and the shared key can be extracted from that. That holds up for pretty much any tool that implements RSA exchange.
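
The point about private key files, shown on the format itself, as an added example that is not part of the original answer: a PKCS#1 `RSAPrivateKey` structure stores the modulus and both exponents, so the public key (n, e) can be read straight out of it. The toy primes and all function names here are constructed for illustration.

```python
# Added example: stdlib-only look inside a PKCS#1 RSAPrivateKey (DER) structure.
# The key is constructed from toy primes so the numbers stay readable.
FIELDS = ("version", "n", "e", "d", "p", "q", "dP", "dQ", "qInv")

def der_len(n):
    if n < 0x80:
        return bytes([n])
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(raw)]) + raw

def der_int(v):
    # One extra leading bit of room keeps the INTEGER non-negative and minimal.
    body = v.to_bytes(v.bit_length() // 8 + 1, "big")
    return b"\x02" + der_len(len(body)) + body

def build_private_key(p, q, e):
    """Encode what a key generator writes to disk: every field, not just d."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)
    values = (0, n, e, d, p, q, d % (p - 1), d % (q - 1), pow(q, -1, p))
    body = b"".join(der_int(v) for v in values)
    return b"\x30" + der_len(len(body)) + body

def read_tlv(buf, pos):
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long-form length
        count = length & 0x7F
        length = int.from_bytes(buf[pos:pos + count], "big")
        pos += count
    if pos + length > len(buf):
        raise ValueError("truncated DER")
    return tag, buf[pos:pos + length], pos + length

def parse_private_key(der):
    tag, body, _ = read_tlv(der, 0)
    if tag != 0x30:
        raise ValueError("not a SEQUENCE")
    values, pos = [], 0
    while pos < len(body):
        tag, raw, pos = read_tlv(body, pos)
        if tag != 0x02:
            raise ValueError("expected INTEGER")
        values.append(int.from_bytes(raw, "big"))
    return dict(zip(FIELDS, values))

def public_from_private(der):
    key = parse_private_key(der)
    return key["n"], key["e"]  # the public key, sitting inside the private key file

if __name__ == "__main__":
    print(public_from_private(build_private_key(61, 53, 17)))
```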