Repository access denied access via a deployment key is read-only

Question

After successfully cloning my repo from heroku and added another remote  1  git clone git heroku com  APP  git 2  git remote add bitbucket ssh   git bitbucket org  ACCOUNT   REPO  git 3  git push bitbucket master   I am still getting this error after running line  3  or using SourceTree  conq  repository access denied  access via a deployment key is read-only    First I don t understand what this message means in practice  And that s shame   I did create ssh key pair and added to heroku    ssh-keygen -t rsa  heroku keys add   id rsa pub    I also added my key in deployment keys section in BitBucket  But I must be missing something  This question is not out of laziness  I have been reading various docs including BitBuckets guides  But it still don t get around this issue   This post is related to Can I import my heroku git repo into bitbuket  and how      ADDITIONAL FACTS   ssh -T hg bitbucket org conq  authenticated via a deploy key   You can use git or hg to connect to Bitbucket  Shell access is disabled      ssh -v git bitbucket org OpenSSH 5 6p1  OpenSSL 0 9 8r 8 Feb 2011 debug1  Reading configuration data  Users joel  ssh config debug1  Applying options for bitbucket org debug1  Reading configuration data  etc ssh config debug1  Applying options for   debug1  Connecting to bitbucket org  207 223 240 181  port 22  debug1  Connection established  debug1  identity file  Users joel  ssh id rsa type 1 debug1  identity file  Users joel  ssh id rsa-cert type -1 debug1  Remote protocol version 2 0  remote software version OpenSSH 5 3 debug1  match  OpenSSH 5 3 pat OpenSSH  debug1  Enabling compatibility mode for protocol 2 0 debug1  Local version string SSH-2 0-OpenSSH 5 6 debug1  SSH2 MSG KEXINIT sent debug1  SSH2 MSG KEXINIT received debug1  kex  server- gt client aes128-ctr hmac-md5 none debug1  kex  client- gt server aes128-ctr hmac-md5 none debug1  SSH2 MSG KEX DH GEX REQUEST 1024 lt 1024 lt 8192  sent debug1  expecting SSH2 MSG KEX DH GEX GROUP debug1  SSH2 MSG KEX DH GEX INIT sent debug1  expecting SSH2 MSG KEX DH GEX REPLY debug1  Host  bitbucket org  is known and matches the RSA host key  debug1  Found key in  Users joel  ssh known hosts 5 debug1  ssh rsa verify  signature correct debug1  SSH2 MSG NEWKEYS sent debug1  expecting SSH2 MSG NEWKEYS debug1  SSH2 MSG NEWKEYS received debug1  Roaming not allowed by server debug1  SSH2 MSG SERVICE REQUEST sent debug1  SSH2 MSG SERVICE ACCEPT received debug1  Authentications that can continue  publickey debug1  Next authentication method  publickey debug1  Offering RSA public key   Users joel  ssh id rsa debug1  Remote  Forced command  conq deploykey 13907 debug1  Remote  Port forwarding disabled  debug1  Remote  X11 forwarding disabled  debug1  Remote  Agent forwarding disabled  debug1  Remote  Pty allocation disabled  debug1  Server accepts key  pkalg ssh-rsa blen 279 debug1  read PEM private key done  type RSA debug1  Remote  Forced command  conq deploykey 13907 debug1  Remote  Port forwarding disabled  debug1  Remote  X11 forwarding disabled  debug1  Remote  Agent forwarding disabled  debug1  Remote  Pty allocation disabled  debug1  Authentication succeeded  publickey   Authenticated to bitbucket org   207 223 240 181  22   debug1  channel 0  new  client-session  debug1  Requesting no-more-sessions openssh com debug1  Entering interactive session  debug1  Sending environment  debug1  Sending env LC CTYPE   UTF-8 PTY allocation request failed on channel 0   Looks like all is fine

User · Answer

here is yhe full code to clone all repos from a given BitBucket team/user

# -*- coding: utf-8 -*-
"""

    ~~~~~~~~~~~~

    Little script to clone all repos from a given BitBucket team/user.

    :author: https://thepythoncoding.blogspot.com/2019/06/python-script-to-clone-all-repositories.html
    :copyright: (c) 2019
"""

from git import Repo
from requests.auth import HTTPBasicAuth

import argparse
import json
import os
import requests
import sys

def get_repos(username, password, team):
    bitbucket_api_root = 'https://api.bitbucket.org/1.0/users/'
    raw_request = requests.get(bitbucket_api_root + team, auth=HTTPBasicAuth(username, password))
    dict_request = json.loads(raw_request.content.decode('utf-8'))
    repos = dict_request['repositories']

    return repos

def clone_all(repos):
    i = 1
    success_clone = 0
    for repo in repos:
        name = repo['name']
        clone_path = os.path.abspath(os.path.join(full_path, name))

        if os.path.exists(clone_path):
            print('Skipping repo {} of {} because path {} exists'.format(i, len(repos), clone_path))
        else:
            # Folder name should be the repo's name
            print('Cloning repo {} of {}. Repo name: {}'.format(i, len(repos), name))
            try:
                git_repo_loc = '[email protected]:{}/{}.git'.format(team, name)
                Repo.clone_from(git_repo_loc, clone_path)
                print('Cloning complete for repo {}'.format(name))
                success_clone = success_clone + 1
            except Exception as e:
                print('Unable to clone repo {}. Reason: {} (exit code {})'.format(name, e.stderr, e.status))
        i = i + 1

    print('Successfully cloned {} out of {} repos'.format(success_clone, len(repos)))

parser = argparse.ArgumentParser(description='clooney - clone all repos from a given BitBucket team/user')

parser.add_argument('-f',
                    '--full-path',
                    dest='full_path',
                    required=False,
                    help='Full path of directory which will hold the cloned repos')

parser.add_argument('-u',
                    '--username',
                    dest="username",
                    required=True,
                    help='Bitbucket username')

parser.add_argument('-p',
                    '--password',
                    dest="password",
                    required=False,
                    help='Bitbucket password')

parser.add_argument('-t',
                    '--team',
                    dest="team",
                    required=False,
                    help='The target team/user')

parser.set_defaults(full_path='')
parser.set_defaults(password='')
parser.set_defaults(team='')

args = parser.parse_args()

username = args.username
password = args.password
full_path = args.full_path
team = args.team

if not team:
    team = username

if __name__ == '__main__':
    try:
        print('Fetching repos...')
        repos = get_repos(username, password, team)
        print('Done: {} repos fetched'.format(len(repos)))
    except Exception as e:
        print('FATAL: Could not get repos: ({}). Terminating script.'.format(e))
        sys.exit(1)

    clone_all(repos)

More info: https://thepythoncoding.blogspot.com/2019/06/python-script-to-clone-all-repositories.html

User · Answer

First choose or create the key you want to use for pushing to Bitbucket  Let s say its public key is at    ssh bitbucket pub   Add your public key to Bitbucket by logging in and going to your public profile  settings  ssh-key  add key  Configure ssh to use that key when communicating with Bitbucket  E g  in Linux add to    ssh config        Host bitbucket org     IdentityFile    ssh bitbucket

User · Answer

Deployment Key  is only for Read Only access  Following is a good way to work through this    Create and SSH key and add it to bitbucket  User Avatar -  Bitbucket Setting-  SSH keys     ssh known hosts ssh-add -D  Remove keys loaded to SSH agent  ssh-add    ssh your private key for bitbucket ssh git bitbucket org -Tv  Verify that your key is getting used to connect to bitbucket  git push  remote name   branch name

User · Answer

All you need - add another key and use it   As i ve found first key - always Deployment Key

User · Answer

I had the same issue Kabir Sarin had  The solution was to clone the repo via SSH  instead of using the https URL  so this is what helped me  and hopefully others       git clone git bitbucket org  accountName   repoName  git

User · Answer

Recently I faced the same issue  I got the following error   repository access denied  access via a deployment key is read-only   You can have two kinds of SSH keys     For your entire account which will work for all repositories Per repository SSH key which can only be used for that specific repository    I simply removed my repository SSH key and added a new SSH key to my account and it worked well   I hope it helps someone  Cheers

User · Answer

Steps    Create ssh keys on source server  ssh-keygen Cat and copy id rsa pub located under    ssh directory Go to Bitbucket  if you have already set the access keys for repository s  then delete existing public key s  Go to Bitbucket avatar  Bitbucket settings  SSH Keys  under Security  left pane   Click on  Add Keys   paste the public key  Check if it works by running below command on the source server  git remote show origin For fetch and push from the source server  if the protocol is  https  then you have to change it to  git ssh  by running below command  git remote set-url origin git ssh    lt bitbucketaccount gt  bitbucket org  lt accountname gt  repo git Check if you can do push to the repo    Done

User · Answer

you need to add your key to your profile and NOT to a specific repository  follow this  https   community atlassian com t5 Bitbucket-questions How-do-I-add-an-SSH-key-as-opposed-to-a-deployment-keys qaq-p 413373

User · Answer

Sometimes it doesn t work because you manually set another key for bitbucket in    ssh config

User · Answer

Deployment keys are read only  To enable write access you need to    Remove this deployment key from your repository settings  You won t be able to write to this repo with this key anyway  Go to  Avatar -  Settings -  SSH Keys  and add the same key Now try to push to remove branch   You were able to write to repositories before but this is a change in BitBucket where you re no longer able to write with deploy key

User · Answer

Two step process to be able to push pull   Step1  Generate ssh key public and private  on macStep2  Put private key in mac and public key in git websitebelow detailed steps are for mac users   Step 1  Generating keys    make sure you have git installed https   git-scm com download mac open terminal and type ssh-keygen this will prompt you to enter storage location for key  you may type  Users  machinename   ssh  keyname   Next it will ask for passphrase  you can either leave it blank by pressing enter or enter some keyword to be entered again at next prompt This will have created two keys for you  private and public  with name  keyname  and  keyname  pub   Step2 pushing keys to appropriate locations mac and remote accounts i e Github  bitbucket  gitlab etc     Type ssh-add -K    ssh  keyname  in terminal to add your private key to the mac Type pbcopy  lt     ssh  keyname  pub to copy public key to clipboard Open account settings on your respective git website and go to add key  there paste the public key copied above       Done  now you can push pull

User · Answer

First confusion on my side was about where exactly to set SSH Keys in BitBucket   I am new to BitBucket and I was setting a Deployment Key which gives read-access only   So make sure you are setting your rsa pub key in your BitBucket Account Settings    Click your BitBucket avatar and select Bitbucket Settings Manage account   There you ll be able to set SSH Keys   I simply deleted the Deployment Key  I don t need any for now  And it worked

User · Answer

I had this happen when I was trying to use a deployment key because that is exactly what I wanted   I could connect via ssh -T git bitbucket org and it would tell me I had access to read the repository I wanted  but git clone would fail   Clearing out    ssh known hosts  generating a new key via ssh-keygen  adding that new key to bitbucket  and retrying fixed it for me

User · Answer

You have to delete the deployment key first if you are going to add the same key under Manage Account SSH Key

User · Answer

I would like to re-emphasize the following     You might have added the SSH key to your repository  e g  ExampleRepo   but this is NOT where the SSH key goes  It is meant to go into YOUR PROFILE  This is the small avatar on the bottom left corner of the screen  Here  you ll find a different place to put your SSH Keys  under Security    then you add the key here instead   If you accidentally put your SSH key into the repository  as opposed to your account   then delete the one in the repository     Took me ages to realise  somehow even after reading the answers here it didn t click

User · Answer

TLDR   ssh-add    ssh yourkey  I ve just worked through this problem   And none of the other answers helped   I did have a   ssh config with all the right stuff  also an earlier repository working fine  same bitbucket account  same key   Then I generated a deploy key  and after that created a new repository   After that could not clone the new repo   I wish I knew how why ssh agent was messing this up  but adding the key solved it  I mean adding the key in my local Ubuntu  not in bitbucket admin  The command is just          ssh  ssh-add myregualrkey   Hope this helps someone

User · Answer

Now the SSH option is under the security settings  Click Your Avatar --  Bitbucket Settings --  SSH Key --  Add Key   Paste your public key

User · Answer

for this error   conq  repository access denied  access via a deployment key is read-only   I change the name of my key  example   cd  home try  ssh  mv try id rsa mv try pub id rsa pub   I work on my own key on bitbucket

[git] Repository access denied. access via a deployment key is read-only

Examples related to git

Examples related to ssh

Examples related to bitbucket

Examples related to ssh-keys