Today I Learned ~D[2025-05-14]

Home Projects Blog About

I recently switched jobs, which means new BitBucket credentials. However; I remain an occasional consultant with my last agency so I need to keep my public key associated with their BitBucket account…

The first thing I learned today

BitBucket won’t let you use the same public key for multiple accounts. I find this a little odd; like how AWS won’t let you name a S3 bucket if the name already exists. It feels like a website telling you “hey somebody is using this password lets try something else!” I know RSA key pairs are more secure and unique than passwords but still 🤷

Making multiple pushes to git easy

You can adjust your ~/.ssh/config to easily push to separate git accounts with different keys:

# Assume this is your defaut
Host *
    UseKeychain yes 

# Key 2
Host altkey
    HostName bitbucket.org
    IdentityFile ~/.ssh/alt-key
    # you likely don't need this but it's nice to specify 
    User git

Then add/update your remote origin:

git remote add origin  git@altkey:bitbucket_account/repo.git

Instead of bitbucket.org:account you’re just subbing in the Host alias. From there SSH doesn’t care because it’s been pointed to an IdentityFile it may not be the system default but it works.

The git problems begin

git push and:

fatal: Could not read from remote repository.

Please make sure you have the correct access rights

Ok fairly common lets go through the checklist:

  1. The key is in BitBucket
  2. BitBucket access is “write”
  3. Check origin (see above)
  4. Check permissions on the public key And that’s about where my expertise ended.

Diving in

It’s useful to learn a bit of debugging, you can get pretty verbose with git logging by adding the environment variableGIT_SSH_COMMAND="ssh -vvv Pretty cool, and I was able to confirm a few differences between pushes to a working repo and the broken one. I was also able to give this log to an LLM and bounce a few ideas off it but ultimtally I don’t feel like these logs gave me a lot of valuable info. git config --list likewise is a handy flag to use but it didn’t show me any glaring issues. So I started looking into the SSH config: ssh-add -l which lists the RSA keys you have configured. To be sure I did ssh-add -D which removes your keys and then explicitly added both keys back with ssh-add ~/.ssh/[key name] Then I ran ssh -T git@altkey this runs a test with the alias configured in the config file. Infuriatingly, this returned:

authenticated via ssh key.

You can use git to connect to Bitbucket. Shell access is disabled

So my config was correct, I had access, but I could not push. It took me an hour but eventually I set the key for git to use explicitly:

GIT_SSH_COMMAND="ssh -i ~/.ssh/alt-key -o IdentitiesOnly=yes" git clone git@altkey:bitbucket_account/repo.git

No further issues (with either repo).
It’s unlikelly I’ll remember specifically setting the GIT_SSH_COMMAND which is the main reason I’m writing this!