Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Prevent source code cloning via HTTPS on bitbucket cloud

Sandeep Kumar
Sandeep Kumar April 19, 2018

 

I've bitbucket premium account on cloud and have created a repository over there. I don't have locally deployed stash server. I've provided access to few of the people of my repository but I want them to use only ssh keys instead of https URL. I know the procedure the prevent HTTPS cloning on bitbucket server but I'm unable to find the procedure for disabling HTTPS cloning on bitbucket cloud.  I do have proper admin rights on my repository. 

I do know the procedure to enable SSH keys via git bucket and configured it for them but I still want to disable it via HTTPS. 

Any help will be deeply appreciated. 

 

 

 

Answer
Watch
Like Be the first to like this
3780 views

1 answer

1 accepted

0 votes
Answer accepted
Ana Retamal
Ana Retamal
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
April 20, 2018

Hi Sandeep! What you can do with Bitbucket Premium is to force them to use two-step verification, but you won't be able to disable HTTPS. Your users will be forced to use SSH in order to have two-step verification, though. You can find that in our documentation:

Access controls give you the ability to make sure users meet certain requirements before accessing your private repositories, wikis, issue trackers, and team admin pages. The access controls we currently have include:

- Requiring two-step verification—Require that the users who can access your private content are only able to view or interact with that content if they've enabled two-step verification.

- Whitelisting IP addresses—Restrict access of your private content to users on certain IP addresses.

Let us know if you have any questions!

Ana

View More Comments
Sandeep Kumar
Sandeep Kumar April 22, 2018

I've few questions regarding this procedure. Is it possible that only admin can add ssh keys for users or if user adds the ssh keys then admin comes to know about via e-mail or some other method?

Like
Ana Retamal
Ana Retamal
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
April 24, 2018

Hi Sandeep, only the users themselves can add SSH keys to their accounts.

 User management in Bitbucket Cloud is different from our other platforms (such as Jira and Confluence, for example) as it doesn't grant anyone admin permissions over other accounts. Bitbucket Cloud doesn't provide a 'User management' interface so you won't be able to perform or monitor actions that happen in other users' accounts. Every Bitbucket Cloud account has access to an Audit log, though, where some actions that other users performed in your repos get recorded.

There's a Feature request asking to add more info to the audit log, you can vote for it and add your comments at. Add additional information to account.

Lastly, is there a reason why you'd like to know when some other user adds an SSH key to their account?

Kind regards,

Ana

Like
Sandeep Kumar
Sandeep Kumar April 24, 2018

The reason I was asking for another user to add the SSH keys so that only admin can add keys and hence user doesn't add a key from the system which is not allowed to download the code. I know the feature of whitelisting IP list but then there are machines which are on dynamic IP selection.

 

Now I one thing I want confirm is that in case of 2-step procedure the bitbucket is asking for some code scanning etc but after that I assume that two verifications are as follows:

1. HTTPS login password
2. SSH keys from host.

Is there any other verification which will take place?

Like
Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security