Bitbucket deploy/access keys
These secure access keys in Bitbucket (previously deploy keys) help you setup your service with read only access to a project, perfect for use with deployments on a server.
First you'll want to generate a new ssh key:
ssh-keygen -t rsa -b 4096 -C "EMAIL@YOUR.SERVICE" -f ./deploy_key
Replacing DEPLOY@YOUR.SERVICE
with an email used as a comment on this key file.
e.g. deploy@myservice.com
& replace ./deploy_key
with the location you'd like the file.
e.g. if using with ansible you could save this into the files folder for this role. Or if setting this up directly on your server you'd likely want this in the .ssh folder for the user that will be using it.
This will ask for passphrase but if you're using this key in an automated script you may want to leave this blank.
Once setup you can then edit the .ssh/config file for this user on the server (or set this file up via ansible).
~/.ssh/config
Host bitbucket.org
StrictHostKeyChecking no
IdentityFile ~/.ssh/deploy_key
This will tell git to use your key for any project on where it's remote is on Bitbucket.
Last you need to add the public key generated earlier (./deploykey.pub) onto Bibucket.
Login and find the repository you're working with & then head over to it's settings.
On Here you'll want to select Access Keys & Add Key.
Next you'll just need to paste in your key. This is the .pub
version of the file you saved the key as earlier. It will have saved next to the private key file.
Test it by either git cloning down your repo to the server or simply making a an ssh connection to bitbucket.org, & then you're done :D.