SSH Keys, Bitbucket and SourceTree on MAC – A Ménage à Trois of Misery

Ok so the title is a little dramatic, but I had just run the same provisioning script multiple times only to have it fail when trying to clone a Bitbucket GIT repository. Luckily I resolved everything, which is why I am here chirpily regaling you with my story instead of picking up bits of smashed up keyboard as a result of a temper tantrum (embarrassingly, this has actually happened). So how did I do it? Well first lets have some backstory…

I work on a MAC. I used to run GIT in the terminal because it made me feel like I was Keanu Reeves as Neo in The Matrix. This was right up until the point that I had conflicts, at which point I would delete everything and feel more like Keanu Reeves playing any character with more dialogue than “uhhh”. Fortunately a good friend of mine, who we’ll call Riaan, because that is indeed his name, convinced me that it was ok to use a GUI. Now I don’t touch GIT without SourceTree making everything look friendly. I even resolved some conflicts earlier (without resorting to “bash their heads together”, which is my default method when it comes to my kids conflicts).

As an enlightened developer, I also use GIT repositories. I like Bitbucket because it allows for private repositories for free. This is good for two reasons: 1, because I am writing code for companies who don’t want other people accessing it, and 2, because I am petrified of anyone seeing my code and discovering the vast depths of my incompetence. The latter is, I hope, partly due to unhealthy levels of imposter syndrome, but I don’t want to take the chance yet.

Fortunately, most of my repos contain code by me, for me, because like most self-respecting super-heroes and maverick movie cops, I work alone (this may also be influenced by point 2 above). However, from time to time, I need to work with other developers. The brilliant “Creativity INC” by Ed Catmull recommends that you always hire people who are cleverer than you. I suspect Mr Catmull takes longer to find such people than I do, but I took his advice, and hired a developer who is far cleverer than I am. We thrashed out a few ideas and got to work. Not long afterwards, I was still doodling ideas on a piece of paper and he had written a provisioner to install a site bootstrap on my local Vagrant install. Unfortunately, while provisioning, this attempts to clone a GIT repo. This can’t be done without SSH. I read SSH as SHHHHHHH. I also make this noise whenever someone tries to talk SSH to me. Sadly provisioning scripts don’t listen to me, so I had to sort my act out. This is what I did:

1. Open a Terminal, and pretend you’re Neo.
First CD into the .ssh directory, and generate an ssh key.

$ cd ~/.ssh
$ ssh-keygen

Give the key a name if you don’t want the default. I saved mine as id_site_bitbucket where site was the name of the site the keys were for. This is just to (hopefully) aid my swiss cheese brain when I happen across these in future.

Enter a passphrase when prompted, and save it to your password manager (because you do have a password manager and don’t just scribble passwords on a piece of paper or use admin123 as your password right?)

Copy the key to clipboard. Note that I am using the key name I generated, replace this with whatever you used for your key. Also note that we are copying the public key, hence the .pub extension (I assume? I’m winging it on that one).

pbcopy < id_site_bitbucket.pub

nb: I am assuming you are still in the .ssh directory here, cd ~/.ssh if not.

2. Login to Bitbucket, and click yourself
(or the mystery man icon if you are too lazy to set your profile up like I am) – its bottom left of the screen.
Select “Bitbucket Settings” from the menu.
From the “Security” section that then loads, select “SSH Keys” (nb you may need to actively enable SSH keys if you haven’t already, take a look at the Atlassian site for more on this if so).
Click to “Add Key”, and paste your key (that you copied to clipboard via the command above) into the “key” textarea. I named the key the same as the name of the public key (id_site_bitbucket.pub) for further clarity and hopefully a “Eureka” moment at some point in the future when I try and recall all of this.
Click “Add Key”.

3. Now we get to the point that stumped me for a bit.
If you want to feel my pain, try and checkout a GIT Repo from your bitbucket account using the SSH URL. It won’t work (or didn’t for me). Then google and find endless instructions on setting up SourceTree with SSH keys that all reference Windows versions and menus that don’t appear to be on the MAC version.

Alternatively…

4. Head back to the Terminal
cd back into .ssh (if you aren’t still there) and type the following:

ssh-add -K id_site_bitbucket

You will then be prompted for the passphrase for the key.
This adds the key to your built-in keychain, which allows your MAC’s native SSH client access to it (please don’t ask me what this actually means, just let me recite it knowingly, and we can all walk away from this with our pride intact).

Thursday 29th June 2017: Pride comes before a fall as they say. Happened to turn my Mac off last night (usually leave it on), logged in this morning, and it turns out that the key is no longer in my keychain. Yet to find out how to permanently add this to keychain, so be aware you will have to run the ssh-add command every time your MAC has restarted should you wish to make use of your key. If I find out a better way around this, I’ll update the post. Feel free to leave a comment if you have any suggestions.

Thursday 13th July 2017: See how to automate this here

5. Quick trip back to BitBucket
Copy the SSH URL for your GIT repo

6. Open SourceTree
Click “New” and select “clone from URL”.
Paste in your repo’s URL and you should be good to go!
In my case, this means running the provisioner for the 679th time, and what do you know, its working!!

---

Sources:

• https://confluence.atlassian.com/bitbucket/set-up-ssh-for-git-728138079.html#SetupSSHforGit-startagent
• https://wiki.hpcc.msu.edu/display/hpccdocs/Adding+a+Private+Key+to+Your+Mac+OSX+Keychain