The error message “Fingerprint has already been taken, Deploy keys projects deploy key fingerprint has already been taken” typically indicates that the SSH key you are trying to add is already in use in your CI/CD system or on the server you’re trying to access. This can happen in a few scenarios:
- Duplicate Key in the Same Project: You might be trying to add an SSH key that’s already been added to the same project or repository in your CI/CD system. Each key can typically only be added once per project.
- Key Used in Another Project: If you’re using a platform like GitLab or GitHub, and the SSH key is already associated with another project or repository, you can’t add it again as a deploy key to a different project. Deploy keys are meant to be unique to each project.
- Key Already on Server: If you’re adding this key to an EC2 instance and the key is already present in the
authorized_keysfile, the system might reject adding a duplicate.
Here’s how you can resolve this issue:
- Check for Duplicate Keys: First, check if the key is already added to your project or repository in your CI/CD system. If it’s already there, you don’t need to add it again.
- Use a Different Key: If the key is being used in another project and you need a unique key for this new project, generate a new SSH key pair specifically for this purpose.
- Check EC2
authorized_keys: If you’re adding the key to an EC2 instance, check the
.ssh/authorized_keysfile to see if the key is already present.
- Project Settings: In some CI/CD systems, you might have the option to add a key at a higher level (like at the group or user level in GitLab) instead of as a deploy key, which could bypass this restriction.
- Consult Documentation: Since each CI/CD system (like Jenkins, GitLab CI, GitHub Actions, etc.) has its own way of handling SSH keys, it’s a good idea to refer to the specific documentation of your CI/CD system for detailed instructions on managing SSH keys.
When adding your SSH public key to an EC2 instance for deployment from a CI/CD server, you should copy and paste the entire key exactly as it is, including the “ssh-rsa” prefix and the email or identifier at the end. This full line is the public key in its standard format, which is recognized by the SSH service.
Here’s why each part is important:
- “ssh-rsa” Prefix: This part indicates the type of key (in this case, RSA). It’s essential for the server to understand what kind of key it is dealing with.
- Key Body: The long string of characters following “ssh-rsa” is the actual key. This is the critical part that is used for the secure cryptographic operations.
- Email/Identifier: The last part, usually an email or a username, is a comment or identifier. It doesn’t play a role in the cryptographic process but is helpful for administrative purposes, such as identifying which key belongs to whom.