We updated to Bamboo 10.2 this weekend and because our OS is configured to be FIPS compliant, Bamboo cannot establish repository ssh key connections with our Bitbucket DC 9.4 installation. It appears that Bamboo is using ed25519 by default, which is unsupported in a FIPS environment. Are there properties I can set to have Bamboo use RSA again like it did on version 9.4?
Hello jghurst,
Welcome to Atlassian community.
What you are looking for is probably a feature request in Bamboo, please refer https://jira.atlassian.com/browse/BAM-25741 for more details.
Since Bamboo 9.0, the default SSH key type that Bamboo generates when connecting to Bitbucket repositories has switched from RSA to ED25519, as Bitbucket recommends the use of ED25519 keys since they are more secure and more efficient in terms of key size, computation, and memory. Thus, Bamboo adapted to this suggestion.
However, if you'd like to force your repositories to use RSA keys – or any other SSH key algorithms – that can only be achieved through the use of Java Specs. Basically, you'd need to manage your plans and linked repositories through a Java Specs project, which will then enable you to set an SSH key manually (which can be of any of the formats that your Bitbucket allows).
Let me know if this helps
Regards,
Shashank Kumar
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.