Access keys
Add access keys to your Bitbucket Cloud repositories to allow a user or service to authenticate when pulling or cloning a repository over SSH. For example, you may want to use an access keys to authenticate with Bitbucket when a build server checks out and tests your code.
An access key has the following features and limitations:
- Grant read-only access to a public or private repository.
- Don't require additional users on your plan.
- Can be added to multiple repositories.
- Can't also be associated with an account.
- Don't require a passphrase when used for automated processes.
Before you can add an access key to a repository, you'll need to generate a unique SSH key just as you would for your individual account.
Step 1. Generate an SSH key
For detailed information on the SSH protocol and generating keys, see Set up an SSH key.
Step 2. Add the private key
For the access key to work with your service, you'll need to add the private key to its system. Where you add the private key depends on the service, but you'll typically add it from its authentication or credentials section. You may need to add the private key to more than one place. For example, if you're using Bamboo to build and test your project, you should add the key to each agent.
To authenticate with an access key as a user, add the SSH key to the ssh-agent locally, just as you would when you're adding the key to your individual account. See Set up an SSH key for more details.
Step 3. Add the public key to your repository
To add an access key to a repository:
In a terminal or Command Prompt, log in to the server where the key is located. Copy the contents of the public key to the clipboard:
Linux
$ cat ~/.ssh/<public_key_file>
Mac OS X
$ pbcopy < ~/.ssh/<public_key_file>
Windows
$ cd <userprofile>/.ssh
$ clip < <public_key_file>
- From Bitbucket, go to the repository and click Settings.
- Click Access keys from the left menu.
- Press Add key.
- From the Add SSH key dialog, enter a Label and paste the public key from the clipboard.
Press Add key. Bitbucket notifies you by email that you added a key to your repository.
If you are using your key for a build system, it is a good idea to confirm the key is working correctly from the service or build server. For example, you can test it by manually cloning the repository using SSH, just as you would normally clone a repository. If you have trouble using your key, see Troubleshoot SSH issues.
Edit an access key
After you add a key, you can edit the key's Label but not the key itself. For security purposes, you need to delete and re-add the key to change the key's contents.