diff --git a/drone/server.go b/drone/server.go
index 58bfeb44fe..37d38cbefd 100644
--- a/drone/server.go
+++ b/drone/server.go
@@ -261,6 +261,11 @@ var serverCmd = cli.Command{
 			Name:   "stash-consumer-rsa",
 			Usage:  "stash oauth1 private key file",
 		},
+		cli.StringFlag{
+			EnvVar: "DRONE_STASH_CONSUMER_RSA_STRING",
+			Name: "stash-consumer-rsa-string",
+			Usage: "stash oauth1 private key string",
+		},
 		cli.StringFlag{
 			EnvVar: "DRONE_STASH_GIT_USERNAME",
 			Name:   "stash-git-username",
diff --git a/remote/bitbucketserver/bitbucketserver.go b/remote/bitbucketserver/bitbucketserver.go
index 1da0c015fd..d8cafd9dbb 100644
--- a/remote/bitbucketserver/bitbucketserver.go
+++ b/remote/bitbucketserver/bitbucketserver.go
@@ -32,6 +32,7 @@ type Opts struct {
 	Password    string // Git machine account password.
 	ConsumerKey string // Oauth1 consumer key.
 	ConsumerRSA string // Oauth1 consumer key file.
+	ConsumerRSAString string
 	SkipVerify  bool   // Skip ssl verification.
 }
 
@@ -60,19 +61,30 @@ func New(opts Opts) (remote.Remote, error) {
 		return nil, fmt.Errorf("Must have a git machine account password")
 	case opts.ConsumerKey == "":
 		return nil, fmt.Errorf("Must have a oauth1 consumer key")
-	case opts.ConsumerRSA == "":
-		return nil, fmt.Errorf("Must have a oauth1 consumer key file")
 	}
 
-	keyFile, err := ioutil.ReadFile(opts.ConsumerRSA)
-	if err != nil {
-		return nil, err
+	if opts.ConsumerRSA == "" && opts.ConsumerRSAString == "" {
+		return nil, fmt.Errorf("must have CONSUMER_RSA_KEY set to the path of a oauth1 consumer key file or CONSUMER_RSA_KEY_STRING set to the value of a oauth1 consumer key")
 	}
-	block, _ := pem.Decode(keyFile)
-	PrivateKey, err := x509.ParsePKCS1PrivateKey(block.Bytes)
-	if err != nil {
-		return nil, err
+
+	var keyFileBytes []byte;
+	if opts.ConsumerRSA != "" {
+		var err error;
+		keyFileBytes, err = ioutil.ReadFile(opts.ConsumerRSA)
+		if err != nil {
+			return nil, err
+		}
+	} else {
+		keyFileBytes = []byte(opts.ConsumerRSAString)
 	}
+
+		block, _ := pem.Decode(keyFileBytes)
+		PrivateKey, err := x509.ParsePKCS1PrivateKey(block.Bytes)
+		if err != nil {
+			return nil, err
+		}
+
+
 	config.Consumer = CreateConsumer(opts.URL, opts.ConsumerKey, PrivateKey)
 	return config, nil
 }
diff --git a/router/middleware/remote.go b/router/middleware/remote.go
index 7d0d56f79a..f832831c79 100644
--- a/router/middleware/remote.go
+++ b/router/middleware/remote.go
@@ -71,6 +71,7 @@ func setupStash(c *cli.Context) (remote.Remote, error) {
 		Password:    c.String("stash-git-password"),
 		ConsumerKey: c.String("stash-consumer-key"),
 		ConsumerRSA: c.String("stash-consumer-rsa"),
+		ConsumerRSAString: c.String("stash-consumer-rsa-string"),
 		SkipVerify:  c.Bool("stash-skip-verify"),
 	})
 }