Multiple SSH Keys settings for different Bitbucket Cloud Accounts
Summary
If you have multiple SSH keys configured to access different Bitbucket accounts, you may encounter the error below while performing Git operations such as clone or push.
The requested repository either does not exist or you do not have access. If you believe this repository exists and you have access, make sure you're authenticated.
fatal: Could not read from remote repository.
Cause
When multiple keys are loaded as identities in the ssh-agent and you try to clone a repository from a Bitbucket account, Bitbucket.org may authenticate you with a key that is not authorized to access that repository, and the clone fails with the above error. This is an expected consequence of the SSH protocol: client authentication happens long before any repository information is available, so Bitbucket Cloud accepts the first valid key that is offered. It's up to the client to offer the correct key when connecting, which the solutions below ensure.
Solution
Workaround 1:
Use different top-level directories for personal and official work. The global gitconfig then includes an override file chosen by the path in which your repository resides.
Example contents of global .gitconfig at /Users/<username>/.gitconfig
[includeIf "gitdir:~/organization_code/"]
path = ~/organization_code/.gitconfig
[includeIf "gitdir:~/personal_code/"]
path = ~/personal_code/.gitconfig
Example contents of ~/organization_code/.gitconfig
[user]
name = John Smith
email = john.smith@organization.net
[core]
sshCommand = ssh -i ~/.ssh/id_rsa_organization
Example contents of ~/personal_code/.gitconfig
[user]
name = John Smith
email = john.smith@personal.net
[core]
sshCommand = ssh -i ~/.ssh/id_rsa_personal
The global gitconfig file is located in the user's home directory: ~/.gitconfig on UNIX systems and C:\Users\<username>\.gitconfig on Windows.
Workaround 2:
Use host nicknames for your personal and organization SSH keys.
For example, suppose the two keys are placed at:
~/.ssh/id_rsa_personal
~/.ssh/id_rsa_organization
You can delete all cached keys beforehand:
$ ssh-add -D
Then, add these two keys to your SSH agent:
$ ssh-add ~/.ssh/id_rsa_personal
$ ssh-add ~/.ssh/id_rsa_organization
You can check your saved keys by executing the command below:
$ ssh-add -l
Modify the ssh config:
$ cd ~/.ssh/
$ touch config
$ vi config    # or use your favourite editor
Finally, add the ssh configuration as shown below:
#personal account
Host bitbucket.org-personal
    HostName bitbucket.org
    User git
    IdentityFile ~/.ssh/id_rsa_personal

#organization account
Host bitbucket.org-organization
    HostName bitbucket.org
    User git
    IdentityFile ~/.ssh/id_rsa_organization
Here are some examples of how you can use the host nicknames:
For Personal account
git clone git@bitbucket.org-personal:<workspace>/<repo-slug>.git
For Organization account
git clone git@bitbucket.org-organization:<workspace>/<repo-slug>.git
With Workaround 2, you may need to modify gitconfig to add your user name and email. Also, the git repository URL is written to your local .git/config automatically the first time you clone your repository. If it's an existing repository, you can manually update the [remote "origin"] section in the local .git/config file.
For example:
[remote "origin"]
url = git@bitbucket.org-personal:<workspace>/<repo-slug>.git
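The manual update of an existing repository described above can be scripted. The following is an added example, not part of the original article: the function names rewrite_remote and use_nickname are hypothetical, and the nicknames are the ones defined in the Workaround 2 ssh config.

```shell
#!/bin/sh
# Added example: point an existing clone at a host nickname from ~/.ssh/config.
# Function names are hypothetical; nicknames come from the Workaround 2 config.

# rewrite_remote URL NICKNAME
# Prints URL with the host bitbucket.org replaced by NICKNAME.
# Handles both SSH URL forms; anything else is printed unchanged.
rewrite_remote() {
    url=$1
    nick=$2
    case $url in
        git@bitbucket.org:*)
            # scp-like form: git@bitbucket.org:<workspace>/<repo-slug>.git
            printf '%s\n' "git@${nick}:${url#git@bitbucket.org:}"
            ;;
        ssh://git@bitbucket.org/*)
            # URL form: ssh://git@bitbucket.org/<workspace>/<repo-slug>.git
            printf '%s\n' "ssh://git@${nick}/${url#ssh://git@bitbucket.org/}"
            ;;
        *)
            # HTTPS remotes, other hosts and URLs that already use a nickname
            printf '%s\n' "$url"
            ;;
    esac
}

# use_nickname REPO_DIR NICKNAME [REMOTE]
# Rewrites REMOTE (default: origin) of the clone in REPO_DIR.
use_nickname() {
    repo=$1
    nick=$2
    remote=${3:-origin}
    old=$(git -C "$repo" remote get-url "$remote") || return 1
    new=$(rewrite_remote "$old" "$nick")
    if [ "$new" = "$old" ]; then
        echo "$remote unchanged: $old"
        return 0
    fi
    git -C "$repo" remote set-url "$remote" "$new" || return 1
    echo "$remote: $old -> $new"
}
```

After sourcing the file, run for example: use_nickname ~/personal_code/<repo-slug> bitbucket.org-personal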