Published by marco on
Azure DevOps allows you to link multiple accounts.
Our concrete use case was:
Are we clear so far? U1 and U2 are linked because reasons. U1 is old and busted; U2 is the new hotness.
The linking has an unexpected side-effect when managing SSH keys. If you have an SSH key registered with one of the linked accounts, you cannot register an SSH key with the same signature with any of the other accounts.
This is somewhat understandable (I guess), but while the error message indicates that you have a duplicate, it doesn’t tell you that the duplicate is in another account. When you check the account that you’re using and see no other SSH keys registered, it’s more than a little confusing.
Not only that, but if the user to which you’ve added the SSH key has been removed from the organization, it isn’t at all obvious how you’re supposed to access your SSH key settings for an account that no longer has access to Azure DevOps (in order to remove the SSH key).
Instead, you’re left with an orphan account that’s sitting on an SSH key that you’d like to use with a different account.
So, you could create a new SSH key _or_ you could do the following:
If you can’t add U1 to O1 anymore, then you’ll just have to generate and use a new SSH1 key for Azure. It’s not an earth-shatteringly bad user experience, but interesting to see how several logical UX decisions led to a place where a couple of IT guys were confused for long minutes.