How to find conflicting SSH access keys
When trying to add an SSH key for a user the following error occurs: "This SSH key is already used to access a repository or project"
In a large instance of Bitbucket Server it can be difficult finding which repositories and/or projects use this access key.
Unfortunately there isn't a great way to do this in Bitbucket Server at the moment. It's possible, but it will involve querying your database and making REST API calls.
The easiest way to accomplish this is by running a query similar to the following:
SELECT * FROM <DB_NAME>.AO_FB71B4_SSH_PUBLIC_KEY where KEY_TEXT LIKE '<FIRST_30_OF_KEY>%';
Use the first 30 or so characters of you SSH key to make sure it's unique. This will return the
KEY_ID of that key.
You can then run a REST API call with the endpoint
This example will use 45 as the
You can also use a curl command rather than a URL:
curl -u <username>:<password>-v -X GET -H "Content: application/json" http://localhost:7990/stash/rest/keys/1.0/ssh/<id>/repos curl -u <username>:<password>-v -X GET -H "Content: application/json" http://localhost:7990/stash/rest/keys/1.0/ssh/<id>/projects
This will return a list of repositories or projects that use this key. You can then use REST API to delete those keys or manually delete them from the UI if there aren't many.
If you want to delete all access keys with the same ID you can use a curl command like the following:
curl -i -u <username>:<password> -X DELETE -H "Content: application/json" -H "Content-Type: application/json" http://stash.instance.com/bitbucket/rest/keys/1.0/ssh/10
Please see our documentation here for more REST API endpoints related to SSH keys.