Git on Bitbucket: Always asked for password, even after uploading my public SSH key

Question

I uploaded my ~/.ssh/id_rsa.pub to Bitbucket's SSH keys as explained, but Git still asks me for my password at every operation (such as git pull). Did I miss something?

It is a private repository (fork of another person's private repository) and I cloned it like this:

git clone git@bitbucket.org:Nicolas_Raoul/therepo.git

Here is my local .git/config:

[core]
        repositoryformatversion = 0
        filemode = true
        bare = false
        logallrefupdates = true
[remote "origin"]
        fetch = +refs/heads/*:refs/remotes/origin/*
        url = https://Nicolas_Raoul@bitbucket.org/Nicolas_Raoul/therepo.git
[branch "master"]
        remote = origin
        merge = refs/heads/master

In the same environment with the same public key, Git on Github works fine.
.ssh is rwx------, .ssh/id_rsa is -rw-------, .ssh/id_rsa.pub is -rw-r--r--

Answer 1

The keyword here is 'ssh://' instead of https://' :-)

in your .git/config

Be aware! If you have cloned repositories, these can be re-cloned after you added your public key to BitBucket to make it work. This is probably more clean that hacking your config file ;-)

Answer 2

If you still get too many authentication failures errors:

nano ~/.ssh/config

And paste:

Host bitbucket_james
    HostName bitbucket.org
    User james
    Port 22
    IdentitiesOnly=yes
    IdentityFile=~/.ssh/id_rsa_bitbucket_james

And most important - you should bitbucket_james alias instead of bitbucket.org when you set up your remote URL:

git remote set-url origin git@bitbucket_james:repo_owner_user/repo_name.git

Answer 3

If you are using a Ubuntu system, use the following to Store Password Permanently:

git config --global credential.helper store

Answer 4

I logged in using my username instead of email and it started working.

Answer 5

Actually, none of these answers reflect current state of the art with Git (v2.29 by time of writing this answer). In the latest versions of Git, cache, winstore, wincred are deprecated.

---

If you want to clone a Bitbucket repository via HTTPS, e.g.

git clone https://Kutlime@bitbucket.org/SomeOrganization/SomeRepo.git

You have to:

1. Generate app password at Bitbucket user administration.
2. Setup your credential method in .gitconfig accordingly (global or local)

[credential]
    helper = manager

You can locate your .gitconfig by executing this command.

git config --list --show-origin

3. Execute

git clone https://Kutlime@bitbucket.org/SomeOrganization/SomeRepo.git

and wait until log on window appears. Use your user name from the url (kutlime in my case) and your generated app password as a password.

Answer 6

Are you sure you cloned it using the ssh url?

The url for origin says url = https://Nicolas_Raoul@bitbucket.org/Nicolas_Raoul/therepo.git so if it is using https it will ask for password irrespective of your ssh keys.

So what you want to do is the following:

open your config file in your current repo ..

vim .git/config

and change the line with the url from

[remote "origin"]
        fetch = +refs/heads/*:refs/remotes/origin/*
        url = https://Nicolas_Raoul@bitbucket.org/Nicolas_Raoul/therepo.git

to

[remote "origin"]
        fetch = +refs/heads/*:refs/remotes/origin/*
        url = git@bitbucket.org:Nicolas_Raoul/therepo.git

Answer 7

I cloned the repository with HTTPS URL instead of SSH URL hence even after adding the SSH Key it was asking me for password on Bash Shell.

I just edited the ./.git/config file and changed the value of url variable by simply replacing the https:// to ssh://

E.g.

[core]
        ...
        ...
        ...
[remote "origin"]
        url = https://<username>@bitbucket.org/<username>/<repository_name>.git
        fetch = +refs/heads/*:refs/remotes/origin/*
        ...
        ...
        ...

Changed to:

[core]
        ...
        ...
        ...
[remote "origin"]
        url = ssh://<username>@bitbucket.org/<username>/<repository_name>.git
        fetch = +refs/heads/*:refs/remotes/origin/*
        ...
        ...
        ...

Answer 8

None of these answers helped me, turned out my issue was slightly different. It was ssh that was asking for my password each time, before sending the key. So what I had to do was link my password with this command:

ssh-add -K ~/.ssh/id_rsa

It'll then prompt you for your password and store it. This could be the solution you're looking for if each time your prompted for a password it says

Enter passphrase for key '/Users//.ssh/id_rsa':

More info here

NOTE: I used this on my mac machine successfully, but as @Rob Kwasowski pointed out below, the upper case K option is unique to mac. If not on mac you will need to use lowercase k (which probably works for mac too but I haven't tested).

Answer 9

I was having other weirdness around logging in. I came across something that seemed totally dumb but worked in my case. Simply go to MacOS's keychain. Find the login lock icon in the sidebar. Click it to logout and then click to login. Sounds dumb but it solved my issues. Worth a shot.

Answer 10

With me, although I ran 'git clone ssh://git@stash.xxx.com:7999/projName/projA.git' I was still being prompted for password for this new repo that I cloned, so by comparing its .git/config file to other repos that work, It turned out to be the url under the [remote "origin"] section, it was set to the ssh path above for the new repo, but was set to https:xxx for the working one.

Answer 11

Hello Googlers from the future.

On MacOS >= High Sierra, the SSH key is no longer saved to the KeyChain because of reasons.

Using ssh-add -K no longer survives restarts as well.

Here are 3 possible solutions.

I've used the first method successfully. I've created a file called config in ~/.ssh:

Host *
  AddKeysToAgent yes
  UseKeychain yes
  IdentityFile ~/.ssh/id_rsa

Answer 12

You may need to double-check your SSH identities file. You may be guiding BitBucket to look at a different/incorrect private key to the equivalent public key that you have saved on BitBucket.

Check it with tail ~/.ssh/config - you will see something similar to:

Host bitbucket.org
 HostName bitbucket.org
 IdentityFile ~/.ssh/personal-bitbucket-ssh-key

Remember, that adding additional identities (such as work and home) can be done with the ssh-add command, for example:

ssh-keygen -t rsa -C "companyName" -f "companyName"
ssh-add ~/.ssh/companyName

Once you have confirmed which private key is being looked at locally, you can then take your public equivalent, in this case:

cat ~/.ssh/personal-bitbucket-ssh-key.pub | pbcopy

And paste that cipher onto BitBucket. Your git pushes will now (provided you are using the SSH clone as aforementioned answers have pointed out) be allowed without a password, as your device is a recognised friendly.

Hopefully this helps clear it up for someone.

Answer 13

The following assumes command-line access via iTerm / Terminal to bitbucket.

For MacOS Sierra 10.12.5, my system manifested an equivalent problem - asking for my SSH passphrase on each connection to bitbucket.

The issue has to do with OpenSSH updates in macOS 10.12.2, which are described here in Technical Note TN2449.

You very well might want to tailor your solution, but the following will work when added to your ~/.ssh/config file:

Host *
    UseKeychain yes

For more information on ssh configs, take a look at the man pages for ssh_config:

% man ssh_config

One other thing: there is a good write-up on superuser here that discusses this problem and various solutions depending on your needs and setup.

Answer 14

Its already answered above. I will summarise the steps to check above.

run git remote -v in project dir. If the output shows remote url starting with https://abc then you may need username password everytime.

So to change the remote url run git remote set-url origin {ssh remote url address starts with mostly git@bitbucket.org:}.

Now run git remote -v to verify the changed remote url.

Refer : https://help.github.com/articles/changing-a-remote-s-url/

Answer 15

• Step 1: Install git-credential-winstore
  https://confluence.atlassian.com/bitbucketserver/permanently-authenticating-with-git-repositories-776639846.html

• Step 2: git config --global credential.helper 'cache --timeout 3600'
  This will store your password for 1 hour

• Step 3: Run a git command that will prompt you for your password and the credential will prompt and store your password

Answer 16

As explained here, if you clone with SSH url, you don't need to enter username / password each time you push / pull. Check above answer by @manojlds

But if you want to clone with HTTPS and want to avoid entering username / password each time, you can store credentials into cache with below command:

git config --global credential.helper 'cache --timeout 3600'

where 3600 (seconds) means 1 hour, you may change it as per your requirement.

Answer 17

In the HTTP request case, it is also and alternatively possible to paste the credentials (with password) directly into the url:

http://username:password@bitbucket.org/...

This will save the pain to give your credentials every times again. Simple modify your .git/config (the url).