How to find conflicting SSH access keys

Still need help?

The Atlassian Community is here for you.

Ask the community


When trying to add an SSH key for a user the following error occurs: "This SSH key is already used to access a repository or project"

In a large instance of Bitbucket Server it can be difficult finding which repositories and/or projects use this access key.


Unfortunately there isn't a great way to do this in Bitbucket Server at the moment. It's possible, but it will involve querying your database and making REST API calls.

The easiest way to accomplish this is by running a query similar to the following:



Use the first 30 or so characters of you SSH key to make sure it's unique. This will return the KEY_ID of that key.
You can then run a REST API call with the endpoint /rest/keys/1.0/ssh/<KEY_ID>/projects and /rest/keys/1.0/ssh/<KEY_ID>/repos.


This example will use 45 as the KEY_ID


You can also use a curl command rather than a URL:

curl -u <username>:<password>-v -X GET -H "Content: application/json" http://localhost:7990/stash/rest/keys/1.0/ssh/<id>/repos
curl -u <username>:<password>-v -X GET -H "Content: application/json" http://localhost:7990/stash/rest/keys/1.0/ssh/<id>/projects


This will return a list of repositories or projects that use this key. You can then use REST API to delete those keys or manually delete them from the UI if there aren't many.


If you want to delete all access keys with the same ID you can use a curl command like the following:

curl -i -u <username>:<password> -X DELETE -H "Content: application/json" -H "Content-Type: application/json"

Please see our documentation here for more REST API endpoints related to SSH keys.

Last modified on Apr 6, 2016

Was this helpful?

Provide feedback about this article
Powered by Confluence and Scroll Viewport.