Multiple SSH Keys settings for different Bitbucket Cloud Accounts
要約
If you have multiple SSH keys configured to access different Bitbucket accounts, you may encounter the below error while performing Git operations like clone, push, etc.
The requested repository either does not exist or you do not have access. If you believe this repository exists and you have access, make sure you're authenticated.
fatal: Could not read from remote repository.原因
When multiple keys are added as identities in the ssh-agent when you try to clone a repository from a bitbucket account, Bitbucket.org may get authenticated from one of the keys which are not authorized to access the repositories and the clone will fail with the above error. This is an expected consequence of the SSH protocol. The client auth happens long before any repository information is available, so the Bitbucket cloud accepts the first valid key that is offered. It's up to the client to provide the correct key when connecting, which the below solution ensures.
ソリューション
Workaround 1:
Use different top-level directories for personal and official work. The gitconfig includes overrides based on what path your repository resides.
Example contents of global .gitconfig at /Users/<username>/.gitconfig
[includeIf "gitdir:~/organization_code/"]
path = ~/organization_code/.gitconfig
[includeIf "gitdir:~/personal_code/"]
path = ~/personal_code/.gitconfigExample contents of ~/organization_code/.gitconfig
[user]
name = John Smith
email = john.smith@organization.net
[core]
sshCommand = ssh -i ~/.ssh/id_rsa_organizationExample contents of ~/personal_code/.gitconfig
[user]
name = John Smith
email = john.smith@personal.net
[core]
sshCommand = ssh -i ~/.ssh/id_rsa_personalThe global gitconfig file can be located in a user's home directory ~/.gitconfig on UNIX systems and C:\Users\<username>\.gitconfig on Windows
Workaround 2:
Use host nicknames for your personal and organization SSH keys.
For example, 2 keys were placed at:
~/.ssh/id_rsa_personal ~/.ssh/id_rsa_organizationYou can delete all cached keys before
$ ssh-add -DThen, add these two keys to your SSH agent
$ ssh-add ~/.ssh/id_rsa_personal $ ssh-add ~/.ssh/id_rsa_organizationYou can check your saved keys by executing the below command
$ ssh-add -lModify the ssh config
$ cd ~/.ssh/ $ touch config $ vi config or use your favourite editorFinally, add the ssh configuration as shown below:
#personal account Host bitbucket.org-personal HostName bitbucket.org User git IdentityFile ~/.ssh/id_rsa_personal #organization account Host bitbucket.org-organization HostName bitbucket.org User git IdentityFile ~/.ssh/id_rsa_organization
Here are some examples of how you can use the host nicknames:
For Personal account
git clone git@bitbucket.org-personal:<workspace>/<repo-slug>.gitFor Organization account
git clone git@bitbucket.org-organization:<workspace>/<repo-slug>.gitYou may need to modify gitconfig to add your user name and email in case of workaround-2. Also, the git repository URLs will automatically get updated in your local .git/config the first time you clone your repository. If it's an existing repository, you can manually update the [ remote "origin"] section in the local .git/config file.
eg:
[remote "origin"]
url = git@bitbucket.org-personal:<workspace>/<repo-slug>.git