I have my public key set in some users repo and I can't remove it from there.
Went through this KB article : https://confluence.atlassian.com/bbkb/someone-has-already-registered-that-ssh-key-338365482.html .
At the bottom it says "Then visit the account for that username and remove or update the SSH key configuration." . How do I do that? I went to the users page I can't do anything there. Any instructions?
I tried to contact that user numerous times and he's not responding.
Is there any chance Bitbucket will change that? I am a freelancer working for different companies and sometimes some of them have bitbucket. Imagine the headaches this causes.
Right now i have my SSH key registered to an account with company X and i want to start using BitBucket for a newly formed company of mine. I am gonna stick with github until i can think a solution that doesn't add headaches in my daily workflow.
Any ideas anyone? (Except having multiple keys and letting GIT knows)
How many keys does Atlassian think a user can have :)?
If I am a freelancer for example, do you expect me to generate a new key for every single project ?
I understand the security "explanation", and it sort of makes sense, but this is why we "invented" the SSH keys in the first place, to have a secure and convenient way to authenticate, and this is ruining it.
Also, SSH keys have passwords attached, so even if the key is compromised, it cannot be used in most of cases.
I would say that refactoring Bitbucket to use key-per-project is a big change and nobody wants to invest time in it, that's why people talk about security...
Meanwhile, I will generate the 10'th key I have to use just because of this :)
Hi @andrian.jardan , welcome!
Bitbucket shouldn't be asking you to have a different SSH key for every project, it should only be asking you for a different SSH key for every Bitbucket account. If each of your projects belongs to a different account, then in those cases you'll indeed need different SSH keys.
Can you let us know if that is your case? If not, can you show us a screenshot where we can see that you need different keys for each project?
Hello @Ana Retamal
Yes, I unfortunately have to use different accounts for project related reasons, and that is troublesome. Even when I created a different key for the accounts, when I have all the keys added to my SSH agent, just one key is being served (the default one), so I get "Forbidden", unless I only load the proper key :)
This has forced me to waste an hour trying to troubleshoot a second SSH key, and spending time to create it.
What security case is this fixing?
My laptop has 1 ssh key for bitbucket. I should be able to use that same one for my personal account, and corporate bitbucket.
Adding to problematic use case, I created a second key and added to my second account, however ssh-add of the second key apparently does not work and additional configuration is needed to get 'git clone' command to use the right key
This is likely my ssh setup but still problematic for second key setup
Cloning into 'xxxxx'...
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
I found a better solution - use an alternative provider, and saved a couple of hours of my life. I used my SSH key in 2014 on a company account that has stopped its subscription in 2015 and this company was dissolved in 2018, so I cant reuse the key because of this policy. It's not clear what benefit does Atlassian have from enforcing it, if someone has many SSH keys(the proposed solution) he will use so many accounts or repositories he wishes anyway - I think this policy was invented by Atlassian many years ago, when they had another profit model, so this is obsolete and it must be resolved.
Situation 1 :
You could always create another ssh key without damaging the setup that the other employee has done on this machine using that key (if he ever comes back to work on it)
Solution : Add a new key by using key-gen command (specify a different key file name and use it at the ssh section in your profile.)
Situation 2 :
You and your employer are both ok to ruin the previous setups and the employee is never gonna come back.
Solution : Just completely over write the previous key by using the key-gen command and over writing the key (just press enter at both steps when asked for key file name and re-entering the name)
Hi Tomaz, if you don't have access to the Bitbucket account where your SSH key has been registered, you won't be able to remove it. You'll need to create a new one following the steps at Set up an SSH key.
Let us know if you have any questions!
Hi! In my case, I did a full Atlassian account delete without removing the SSH key. Why this error occurs? So, you're not deleting also any service/setting related to that deleted account?? If it's a full delete then everything should be deleted including the SSH key.
Am I correct to assume Atlassian is not really deleting the account but only tagging it as deleted that's why it still says "someone has already registered that ssh"?
Hey Community! We’re willing to wager that quite a few of you not only use Bitbucket, but administer it too. Our team is excited to share that we’ll be releasing improvements throughout this month of...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events