Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Sourcetree support multiple SSH keys?

Ryan Masterson April 30, 2013

I have multiple bitbucket accounts/SSH keys. I edited my local config file according to http://dbushell.com/2013/01/27/multiple-accounts-and-ssh-keys/ so that I can use Git Bash for both accounts, and it works fine. However I can't get Sourcetree to recognize my other account/SSH key. When I try to clone a repo it says This is not a valid source path / URL. Does Sourcetree support multiple SSH keys? If so, how?

6 answers

1 accepted

1 vote
Answer accepted
stevestreeting
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
April 30, 2013

It does depend on whether you're using PuTTY or OpenSSH too - SourceTree defaults to PuTTY which means you should have Pageant (the SSH agent) loaded and with your multiple keys loaded. If you're using OpenSSH (see Tools > Options to see which you've got SourceTree configured to use), then the standard .ssh/ folder configuration will apply.

Ryan Masterson April 30, 2013

I'm pretty sure my various identities are set up correctly. My config file looks as follows:

Host bitbucket.org
 User git
 Hostname bitbucket.org
 PreferredAuthentications publickey
 IdentityFile ~/.ssh/id_rsa

Host other
 User git
 Hostname bitbucket.org
 PreferredAuthentications publickey
 IdentitiesOnly yes
 IdentityFile ~/.ssh/id_rsa_home_computer

I have loaded my keys to each of my two BitBucket accounts, and I can clone repos via Git Bash successfully as:

$ git clone git@bitbucket.org:volume9inc/v9-ccu-landing-page.git test1
$ git clone git@other:greenhatwebsolutions/ironhammer.git test2

Regarding PuTTY or OpenSSH, I can do either but am having trouble with both.

For PuTTY, I first select PuTTY from Tools > Options and add my SSH key. Then when I go clone my repos, when I enter git@bitbucket.org:volume9inc/v9-ccu-landing-page.git in the Source Path, it works and says that it is a Git repository.

However when I enter in my other Source Path git@other:greenhatwebsolutions/ironhammer.git it says "This is not a valid source path"

For OpenSSH, I change the point my id_rsa file in Tools > Options. But when I enter a Source Path to clone, the spinner icon just stays spinning and says "Checking source".

stevestreeting
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
May 1, 2013

So a common problem is when you have 2 users on Bitbucket, both with valid SSH keys. When you make a connection to a host under SSH, your SSH client will send the first key to the server. If that is accepted, it will be used, and Bitbucket will map that key to your user account (because the URL itself doesn't identify your user, the key does). So probably what's happening is that your first key is being accepted and mapping to account A, but actually you needed account B's access rights in order to access the repo. By that time, it's too late.

The answer to this for both PuTTY and OpenSSH is to set up host aliases so that your client sends the right key first. You appear to have done that for OpenSSH as shown in the file above, but there are a few points:

  1. That config file won't be picked up by PuTTY. There is a direct equivalent in PuTTY, but it involves setting up 'Saved Sessions' in the PuTTY GUI instead - you use the session name as an alias effectively and provide the host name, key to use and other details in the GUI.
  2. For OpenSSH, you should load all the keys into the ssh-agent that SourceTree starts. You can do this by using Tools > Add SSH Key... and browsing to the new key. In Tools > Options, the multiple keys will be remembered, separated by ';'

Beyond that, SourceTree should pick up your .ssh/config when using OpenSSH - the only reason it wouldn't is if your Bash HOME setting is different from the global environment. SourceTree will detect whether or not you have HOME defined in the global env and will define it for you when calling Git if not, which should resolve this - it defines HOME as either HOMEDRIVE + HOMEPATH, or if that isn't defined then USERPROFILE.

Ryan Masterson May 1, 2013

Hi Steve,

Thank you very much for your help, but this is getting too technical. My knowledge of SSH is limited to begin with and I struggled testing both PuTTY and OpenSSH yesterday. I'm able to use both accounts in Sourcetree if I use HTTPS for my second BitBucket account instead of SSH, so I think I'll just do that.

Actually do you a preference between the two? Maybe HTTPS is just as good as SSH anyway.

stevestreeting
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
May 1, 2013

SSH tends to be a bit faster, so I'd advise using SSH for your primary account and HTTPS for any other accounts if you're having issues with multiple SSH keys.

6 votes
Dan Farrell
Contributor
June 14, 2020

MAC OSX in App Solution

You can also set up a secondary repo / key in Sourcetree by doing the following:

Firstly:

Open Preferences > Accounts > (Add secondary account if you haven't yet).

Secondly:

Click Edit > Hold ALT key ('Copy to clipboard' button should change to 'Generate Key') > Click and generate key. (Your SSH should now be updated to a new generated key).


Thirdly:

Set hidden files to be visible in your finder and navigate to:

~/.ssh/config (open it in code editor - optional)

Also open:

~/.ssh/YOURUSERNAME-Bitbucket.pub (open and copy content of this)

Add this new key to your Bitbucket SSH Public Keys list and click Save

Finally:

Quit and re-open Sourcetree

You should now be able to down view repo and download files.


Hope this helps someone in the future :)

callunaborealis
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
January 30, 2021

 

Click Edit > Hold ALT key ('Copy to clipboard' button should change to 'Generate Key') > Click and generate key. (Your SSH should now be updated to a new generated key).

This helps! Thank you!

On a side note, Sourcetree should really make this feature more visible to the end user. Otherwise there's no way to know this even exists.

iXiaoChuan
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
September 15, 2021

Just 666

Roger Pijoan
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
December 19, 2021

Git bless you! It works, tank you so much!

Viktor Rudyk
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
July 27, 2022

Thanks a lot! You saved my day!)

0 votes
psenough May 25, 2013

why does bitbucket accept multiple ssh keys if it only tries to authenticate the first one? that doesn't make much sense.

i had used https with sourcetree on mac, so i did find it odd that on windows it just kept asking me for my ssh key whenever i initiated or tried to clone the repo. thinking back now i'm not sure if i tried passing a https:// link on the clone form, that would probably have prompted the user password. thanks for the tip.

stevestreeting
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
May 26, 2013

It's fine if you have multiple SSH keys on one account, any one of those SSH keys will then identify you as that user. The problem arises when you have multiple Bitbucket accounts, each with an SSH key, and you have more than one of those on your client. The SSH protocol just tries keys in order, and as soon as one is accepted, you're in - but if that's not the user you wanted to be then you can have permissions issues. That's why the way to resolve it is to configure your client so it knows which key to send first to identify you as the right user.

0 votes
psenough May 23, 2013

Decision for TortoiseHg was because they support https which seems to authenticate just fine. didn't try ssh there, jsyk.

stevestreeting
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
May 24, 2013

SourceTree supports HTTPS too just fine BTW.

0 votes
psenough May 23, 2013

I'm testing with Windows 7, and sourcetree fails to authenticate with bitbucket.

Bitbucket account lists 2 ssh keys, the second recently created.

Sourcetree launches pageant on load, right-clicking -> view keys on pageant lists the new ssh key.

Trying to clone the repo on Sourcetree with ssh://username@bitbucket.org/users/username/reponame gives an ssh authentication key error.

I assume bitbucket only looks at the first ssh key. Or the process / instructions to add new ssh key access is flawed.

Thought it might be name and email issues, so i tried it with and without the checkbox on the "Allow Sourcetree to modify your local git and mercurial files", also tried with the correct name/email from the username on bitbuctket and without, none of them seemed to work.

After wasting an hour retrying and searching the internet I decided to give up and will just use TortoiseHg instead.

stevestreeting
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
May 24, 2013

The issue is that when you use SSH with Bitbucket, the username in the URL is simply 'git@bitbucket.org' and your SSH key is used to idetify your username. If you have more than one SSH key and both of them are valid Bitbucket users, then the first one will be used to log you in and identify you. If that user doesn't have access then you will get an authorisation error.

To resolve this you have to set up aliases in PuTTY (or if you use OpenSSH, in your ~/.ssh/config file) which clearly state which SSH key you want to send in each context. You use one alias for logging in as one user, and another alias for logging in as another.

The simpler option is to use SSH for your primary user and HTTPS for any secondary ones, as presumably you've done for TortoiseHg. This setup with SSH is nothing to do with SourceTree, it's just related to how SSH / Bitbucket discovers what username you are identified as.

0 votes
m
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
April 30, 2013

Yes it does support multiple keys. It sounds like your configuration may not be working properly. Check that link for some tips.

Really check the URL. Bitbucke provides the proper clone URL at the top of each repo page. You might also need to review the Bitbucket documentation for:

Configuring Multiple SSH Identities for GitBash, Mac OSX, & Linux

The page might duplicate what you learned on that blog but it is regularly checked and updated by our team.

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events