Google Compute Engine public key

Question

I've added my public key to the metadata for my project in the developer's console, when I ssh into an Ubuntu VM instance I can see my public key in the file ~/.ssh/authorized_keys but when I try to use it to clone a project from Bitbucket I receive the error Permission denied (publickey)

If I ssh-add -l I just get The agent has no identities. Is there something else I'm supposed to be doing to use my existing public key on GCE instances?

Answer 1

You are mixing up things. There are two keys, public and private (for example ~/.ssh/id_rsa{,.pub}). You are adding public key where you want to ssh/login and store private key on you computer/computer from where you want to ssh/login.

If you want to use your key pair for cloning from BitBucket from your VM, you need to do one of these things:

Using local forwarded keys

• create key pair on local machine: ssh-keygen
• store public key in BitBucket
• add this key pair into ssh agent: ssh-add path/to/private/key
• ssh into VM with agent forwarding: ssh -K your-vm
• do your clone: git clone your-repo

Using separate key pair

• ssh to your VM: ssh your-vm
• create key pair on VM: ssh-keygen
• store public key in BitBucket
• do your clone: git clone your-repo

The first solution is more useful if you don't want to have many keys and the operations with repository will not happen without your participation (cron jobs). The second one is more helpful if you want to update repo using cron and run some automation on this.