Multiple ssh-keys for bitbucket server on Windows 10

Question

I have 2 bitbucket accounts. One - is for work purposes, another one for my pet-projects.

I followed the bitbucket documentation, how to setup multiple ssh-keys.

Account for work purposes has username: user4work. Account for home pet-projects has username: user4home.

~\.ssh\config file looks like that:

IdentityFile ~/.ssh/user4work
IdentityFile ~/.ssh/user4home

Host bitbucket.org-user4work
    HostName bitbucket.org
    User git
    IdentityFile ~/.ssh/user4work
    IdentitiesOnly yes

Host bitbucket.org-user4home
    HostName bitbucket.org
    User git
    IdentityFile ~/.ssh/user4home
    IdentitiesOnly yes

folder ~/.ssh/ has the following files:

config
known_hosts
user4home
user4home.pub
user4work
user4work.pub

Contents of *.pub files are set as SSH-keys in corresponding bitbucket account settings.

"OpenSSH Authentication Agent" (ssh-agent) service is set to start automatically upon Windows startup.

The problem is, that the user4work account is accessible for git commands via ssh, but user4home account is not.

Upon cloning something from user4home's repo via ssh, I get the Forbidden error.

When I call ssh -v bitbucket.org in git bash window I get the following output.

$ ssh -v [email protected]
OpenSSH_8.0p1, OpenSSL 1.1.1c  28 May 2019
debug1: Reading configuration data /c/Users/Rafael/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to bitbucket.org [18.234.32.157] port 22.
debug1: Connection established.
debug1: identity file /c/Users/Rafael/.ssh/user4work type 0
debug1: identity file /c/Users/Rafael/.ssh/user4work-cert type -1
debug1: identity file /c/Users/Rafael/.ssh/user4home type 0
debug1: identity file /c/Users/Rafael/.ssh/user4home-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.0
debug1: Remote protocol version 2.0, remote software version conker_51a1cf6f2c app-141
debug1: no match: conker_51a1cf6f2c app-141
debug1: Authenticating to bitbucket.org:22 as 'git'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: [email protected]
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ssh-rsa SHA256:abcdef1234567890
debug1: Host 'bitbucket.org' is known and matches the RSA host key.
debug1: Found key in /c/Users/Rafael/.ssh/known_hosts:1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: Will attempt key: /c/Users/Rafael/.ssh/user4work RSA SHA256:xxxxxxxxxxxxxxxxxxxxx explicit
debug1: Will attempt key: /c/Users/Rafael/.ssh/user4home RSA SHA256:yyyyyyyyyyyyyyyyyyyyy explicit
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /c/Users/Rafael/.ssh/user4work RSA SHA256:xxxxxxxxxxxxxxxxxxxxx explicit
debug1: Server accepts key: /c/Users/Rafael/.ssh/user4work RSA SHA256:xxxxxxxxxxxxxxxxxxxxx explicit
debug1: Authentication succeeded (publickey).
Authenticated to bitbucket.org ([18.234.32.157]:22).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: pledge: network
PTY allocation request failed on channel 0
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
logged in as user4work

You can use git or hg to connect to Bitbucket. Shell access is disabled
debug1: channel 0: free: client-session, nchannels 1
Connection to bitbucket.org closed.
Transferred: sent 3404, received 1988 bytes, in 0.3 seconds
Bytes per second: sent 13427.0, received 7841.6
debug1: Exit status 0

If in the ~/.ssh/config file I replace two first two lines from

IdentityFile ~/.ssh/user4work
IdentityFile ~/.ssh/user4home

to

IdentityFile ~/.ssh/user4home    
IdentityFile ~/.ssh/user4work

Then user4home account works via ssh in git, but user4work does not.

I think I am missing something here. Any ideas?

Thank you.

Answer 1

You should replace the [email protected] portion of clone URLs with bitbucket.org-user4work when you want to access a repository with work credentials

You should replace the [email protected] portion of clone URLs with bitbucket.org-user4home when you want to access a repository with personal credentials

So, for example, if you have a work repository that is originally cloned using:

git clone [email protected]:organization/project.git

You should instead run

git clone bitbucket.org-user4work:organization/project.git