Connexion ssh renvoie "Permission denied (publickey)"

Lume51 Messages postés 26 Date d'inscription Statut Membre Dernière intervention -
brucine Messages postés 21930 Date d'inscription Statut Membre Dernière intervention - 25 sept. 2025 à 06:55

Bonjour,

J'ai consulté en vain les posts du forum concernant les difficultés rencontrées pour se connecter avec ssh avec Linux Mint 22.1

J'ai un Raspberry 3 model B que je veux utiliser comme serveur. Tout fonctionnait bien jusqu'au moment où la connexion a affiché

 "Permission denied (publickey)

J'ai cherché la solution dans un grand nombre d'es articles sur Internet, sans succès. J'ai donc reconfiguré la carte avec Raspberry Pi Imager mais la connexion reste toujours impossible.

Des infos indispensables

Relance de ssh

bernard@bernardlm:~$ sudo systemctl reload ssh
bernard@bernardlm:~$ sudo systemctl status ssh
● ssh.service - OpenBSD Secure Shell server
     Loaded: loaded (/usr/lib/systemd/system/ssh.service; enabled; preset: en>
     Active: active (running) since Wed 2025-09-24 07:17:54 CEST; 1h 15min ago
TriggeredBy: ● ssh.socket
.....
>
sept. 24 08:33:01 bernardlm sshd[1597]: Received SIGHUP; restarting.
sept. 24 08:33:01 bernardlm sshd[1597]: Server listening on 0.0.0.0 port 22.
sept. 24 08:33:01 bernardlm sshd[1597]: Server listening on :: port 22.
lines 1-25/25 (END)

Extraits

USER@USERlm:~$ ssh -vvv  ***@***
OpenSSH_9.6p1 Ubuntu-3ubuntu13.14, OpenSSL 3.0.13 30 Jan 2024
debug1: Reading configuration data /home/USER/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config

.....................


debug3: remaining preferred: keyboard-interactive
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug3: ssh_get_authentication_socket_path: path '/run/user/1000/keyring/ssh'
debug1: get_agent_identities: bound agent to hostkey
debug1: get_agent_identities: agent returned 2 keys
debug1: Will attempt key: /home/USER/.ssh/id_ecdsa ECDSA SHA256:XXXXXXXXXXXXXXXX agent
debug1: Will attempt key: /home/USER/.ssh/id_ed25519 ED25519 SHA256:XXXXXXXXXXXXXXXXXXX agent
debug1: Will attempt key: /home/USER/.ssh/id_rsa
debug1: Will attempt key: /home/USER/.ssh/id_ecdsa_sk
debug1: Will attempt key: /home/USER/.ssh/id_ed25519_sk
debug1: Will attempt key: /home/USER/.ssh/id_xmss
debug1: Will attempt key: /home/USER/.ssh/id_dsa
debug2: pubkey_prepare: done
debug1: Offering public key: /home/USER/.ssh/id_ecdsa ECDSA SHA256:XXXXXXXXXXXXXXXX agent
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug1: Offering public key: /home/USER/.ssh/id_ed25519 ED25519 SHA256:XXXXXXXXXXXXXXXXXXXXXX agent
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug1: Trying private key: /home/USER/.ssh/id_rsa
debug3: no such identity: /home/USER/.ssh/id_rsa: No such file or directory
debug1: Trying private key: /home/USER/.ssh/id_ecdsa_sk
debug3: no such identity: /home/USER/.ssh/id_ecdsa_sk: No such file or directory
debug1: Trying private key: /home/USER/.ssh/id_ed25519_sk
debug3: no such identity: /home/USER/.ssh/id_ed25519_sk: No such file or directory
debug1: Trying private key: /home/USER/.ssh/id_xmss
debug3: no such identity: /home/USER/.ssh/id_xmss: No such file or directory
debug1: Trying private key: /home/USER/.ssh/id_dsa
debug3: no such identity: /home/USER/.ssh/id_dsa: No such file or directory
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
***@***: Permission denied (publickey).

bernard@bernardlm:~/.ssh$ ls -l
total 24
-rw------- 1 bernard bernard    0 sept. 23 07:21 authorized_keys
-rw-r--r-- 1 bernard bernard    0 sept. 23 14:41 config
-rw------- 1 bernard bernard  736 sept. 23 09:45 id_ecdsa
-rw-r--r-- 1 bernard bernard  271 sept. 23 09:45 id_ecdsa.pub
-rw------- 1 bernard bernard  411 sept. 23 09:46 id_ed25519
-rw-r--r-- 1 bernard bernard   99 sept. 23 09:46 id_ed25519.pub
-rw-r--r-- 1 bernard bernard  426 sept. 22 21:55 known_hosts
-rw-r--r-- 1 bernard bernard    0 sept. 23 09:05 known_hosts2

bernard@bernardlm:~$ ssh-copy-id XXX@192.168.1.250
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 2 key(s) remain to be installed -- if you are prompted now it is to install the new keys
XXX@192.168.1.250: Permission denied (publickey).

Je n'ai pas trouvé comment répondre à

/usr/bin/ssh-copy-id: INFO: 2 key(s) remain to be installed -- if you are prompted now it is to install the new keys

J'ai également modifié le fichier /etc/ssh/sshd_config (extraits)

# This is the sshd server system-wide configuration file.  See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented.  Uncommented options override the
# default value.

Include /etc/ssh/sshd_config.d/*.conf

# When systemd socket activation is used (the default), the socket
# configuration must be re-generated after changing Port, AddressFamily, or
# ListenAddress.
#
# For changes to take effect, run:
#
   systemctl daemon-reload
   systemctl restart ssh.socket
#
Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key

# Ciphers and keying
#RekeyLimit default none

# Logging
#SyslogFacility AUTH
#LogLevel INFO

# Authentication:

#LoginGraceTime 2m
#PermitRootLogin prohibit-password
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10

PubkeyAuthentication yes

Il y a peut-être un pb de droits qui m'a échappé.

Merci à tous.

Linux / Firefox 143.0

Afficher la suite

A voir également:

Connexion ssh renvoie "Permission denied (publickey)"
Gmail connexion - Guide
Connexion chromecast - Guide
Vers quelle adresse web renvoie ce lien - Guide
Gmail connexion autre compte - Guide
Ssh download - Télécharger - Divers Web & Internet

2 réponses

Réponse 1 / 2

brucine Messages postés 21930 Date d'inscription Statut Membre Dernière intervention 3 484

Bonjour,

Je ne sais pas.

Un tuto pour mettre en place les clés publique et privée avec Linux Mint (le problème semble résider au moins dans la création des clés privées)?

https://cloudspinx.com/how-to-use-ssh-and-ssh-keys-on-linux-mint/

Réponse 2 / 2

Lume51 Messages postés 26 Date d'inscription Statut Membre Dernière intervention 2

Bonsoir,

J'ai bien regardé le tuto sans trouver la solution.

J'ai constaté quelque chose qui pourrait me / nous mettre sur la piste.

bernard@bernardlm:~$ ssh-copy-id XXX@XXX
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 3 key(s) remain to be installed -- if you are prompted now it is to install the new keys
***@***: Permission denied (publickey).

Lorsque je copie une autre clé, j'obtiens ça. Je ne sais pas comment faire pour copier les autres formats de clé (est-ce utile d'en installer d'autres car mon site est modeste et non marchand et comment supprimer celles déjà installées ( voir à la fin)

bernard@bernardlm:~$ ssh-copy-id_ecdsa XXX@XXX
ssh-copy-id_ecdsa : commande introuvable

Extraits des logs de ssh XXX@192.168.1.250 -v

debug1: Authenticating to 192.168.1.250:22 as 'XXX'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: ***@***
debug1: kex: host key algorithm: ssh-ed25519
debug1: kex: server->client cipher: ***@*** MAC: <implicit> compression: none
debug1: kex: client->server cipher: ***@*** MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: SSH2_MSG_KEX_ECDH_REPLY received
debug1: Server host key: ssh-ed25519 SHA256:YXXXXXXXXXX
debug1: Host '192.168.1.250' is known and matches the ED25519 host key.

La connexion au serveur fonctionne

debug1: Host '192.168.1.250' is known and matches the ED25519 host key.

debug1: Found key in /home/bernard/.ssh/known_hosts:3
debug1: ssh_packet_send2_wrapped: resetting send seqnr 3
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: ssh_packet_read_poll2: resetting read seqnr 3
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_ext_info_client_parse: server-sig-algs=<ssh-ed25519,***@***,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,***@***,***@***,ssh-dss,ssh-rsa,rsa-sha2-256,rsa-sha2-512>
debug1: kex_ext_info_check_ver: ***@***=<0>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey

debug1: get_agent_identities: bound agent to hostkey
debug1: get_agent_identities: agent returned 3 keys
debug1: Will attempt key: /home/bernard/.ssh/id_ed25519 ED25519 SHA256:XXXXXXXXXXXXXXXagent
debug1: Will attempt key: /home/bernard/.ssh/id_rsa RSA SHA256:XXXXXXXXXXXXXXX agent
debug1: Will attempt key: bernard@bernardlm ED25519 SHA256:XXXXXXXXXXXXXX agent
debug1: Will attempt key: /home/bernard/.ssh/id_ecdsa
debug1: Will attempt key: /home/bernard/.ssh/id_ecdsa_sk
debug1: Will attempt key: /home/bernard/.ssh/id_ed25519_sk
debug1: Will attempt key: /home/bernard/.ssh/id_xmss
debug1: Will attempt key: /home/bernard/.ssh/id_dsa
debug1: Offering public key: /home/bernard/.ssh/id_ed25519 ED25519 SHA256:XXXXXXXXXXXXXXXX agent
debug1: Authentications that can continue: publickey
debug1: Offering public key: /home/bernard/.ssh/id_rsa RSA SHA256:XXXXXXXXXXXXXX agent
debug1: Authentications that can continue: publickey
debug1: Offering public key: bernard@bernardlm ED25519 SHA256:XXXXXXXXXXXXXXXXXXXX agent
debug1: Authentications that can continue: publickey

Trois clés sont acceptées :

id_ed25519, id_rsa, bernard@bernardlm ED25519 ( je ne comprends pas bien le nom qui ne commence pas par "id".)

debug1: get_agent_identities: bound agent to hostkey
debug1: get_agent_identities: agent returned 3 keys
debug1: Will attempt key: /home/bernard/.ssh/id_ed25519 ED25519 SHA256:XXXXXXXXXXXXXXXagent
debug1: Will attempt key: /home/bernard/.ssh/id_rsa RSA SHA256:XXXXXXXXXXXXXXX agent
debug1: Will attempt key: bernard@bernardlm ED25519 SHA256:XXXXXXXXXXXXXX agent
debug1: Will attempt key: /home/bernard/.ssh/id_ecdsa
debug1: Will attempt key: /home/bernard/.ssh/id_ecdsa_sk
debug1: Will attempt key: /home/bernard/.ssh/id_ed25519_sk
debug1: Will attempt key: /home/bernard/.ssh/id_xmss
debug1: Will attempt key: /home/bernard/.ssh/id_dsa
debug1: Offering public key: /home/bernard/.ssh/id_ed25519 ED25519 SHA256:XXXXXXXXXXXXXXXX agent
debug1: Authentications that can continue: publickey
debug1: Offering public key: /home/bernard/.ssh/id_rsa RSA SHA256:XXXXXXXXXXXXXX agent
debug1: Authentications that can continue: publickey
debug1: Offering public key: bernard@bernardlm ED25519 SHA256:XXXXXXXXXXXXXXXXXXXX agent
debug1: Authentications that can continue: publickey

Les clés aux formats id_ecdsa_sk,id_ecdsa,id_ed25519_sk, id_xmss, id_dsa n'ont pas été copiées.

Est-il possible de les supprimer du serveur en sachant que la connexion fonctionne ? Sinon, comment copier les clés à ces formats du PC vers le serveur ?

Je regarde How to remove ssh keys? J'arrête pour aujourd'hui !!

brucine Messages postés 21930 Date d'inscription Statut Membre Dernière intervention 3 484

Bonjour,

Comme dit, c'est un domaine où je ne suis pas très compétent.

Sur la commande ssh-copy-id il y a une erreur de syntaxe, il ne doit pas y avoir autre chose qu'un espace avant l'identifiant à suivre username @ remote-user-IP

Seule la clé publique est en principe copiée vers le serveur selon lien précédent.

Pour y supprimer une clé voir:

https://www.hostragons.com/en/blog/linux-ssh-key-removal/

Discussions similaires

CONNEXION IMPOSSIBLE SUR CERTAINS SITES

Code de renvoi d'appel : Ooredo, Mobilis...

Renvoie code ooredoo

Code Pour Renvoi D'appel Et Mesage

code de renvoie

Votre réponse

Discussions similaires