Bitbucket known hosts fetch fails ssh request

Hey, I'm usingn AWS EC2 with security groups defined to allow requests from remote machines to my server.

While trying to fetch my server fingerprint in known hosts section, I receive an error saying that the SSH request fails. This is probably caused by my server not allowing the request.

I've tried adding api.bitbucket.org IP addresses defined here: https://confluence.atlassian.com/bitbucket/what-are-the-bitbucket-cloud-ip-addresses-i-should-use-to-configure-my-corporate-firewall-343343385.html but the SSH request still fails.

What IP address does bitbucket use to make this request?

Thanks in advanced.

1 answer

1 accepted

0 votes
Accepted answer

Hello @Imri Barr,

Is it failing due to IP address or port number?

I receive an error saying that the SSH request fails.

What is the error you are receiving? Could you please enable DEBUG and provide output so we can help you out?

# Windows
set GIT_TRACE_PACKET=1 set GIT_TRACE=1 set GIT_CURL_VERBOSE=1
git clone ....
# Linux or GitBash
export GIT_TRACE_PACKET=1 export GIT_TRACE=1 export GIT_CURL_VERBOSE=1
git clone ....

Are you able to SSH to Bitbucket?

ssh -v bitbucket.org

Kind regards,

Rafael

Hey @Rafael Sperafico, I meant for the SSH request using fetch known hosts. I'm following this guide: https://confluence.atlassian.com/bitbucket/use-ssh-keys-in-bitbucket-pipelines-847452940.html

Hello @Imri Barr,

in What IP address does bitbucket use to make this request?

Bitbucket uses a range of ip addresses, as per mentioned in https://confluence.atlassian.com/pages/viewpage.action?pageId=847452940, so you are required to whitelist them.

Kind regards,

Rafael

Which ones of the IP list ranges should I use? I currently only inserted the api.bitbucket.com IP addresses.

Hello @Imri Barr,

Valid IP addresses for Bitbucket Pipelines services

You can use this IP range to whitelist requests made by Bitbucket Pipelines services (not your build environments) to external systems such as performing an SSH fingerprint lookup. Note that this IP range may also be used by other Atlassian systems in addition to Bitbucket Pipelines.

IPv4 Outbound

104.192.136.0/21

Kind regards,

Rafael

This is the IP I was looking for!

Thank you very much!

Alex I'm New Here Sep 27, 2018

i have to add all of them to my whitelist - from the pipeline list?

 

  • 34.199.54.113/32
  • 34.232.25.90/32
  • 34.232.119.183/32
  • 34.236.25.177/32
  • 35.171.175.212/32
  • 52.54.90.98/32
  • 52.202.195.162/32
  • 52.203.14.55/32
  • 52.204.96.37/32
  • 34.218.156.209/32
  • 34.218.168.212/32
  • 52.41.219.63/32
  • 35.155.178.254/32
  • 35.160.177.10/32
  • 34.216.18.129/32

Alex,

Try adding the "Valid IP addresses for Bitbucket Pipelines services" which include:

  • 52.8.84.222/32
  • 52.52.234.127/32
  • 104.192.136.0/21
  • 13.52.5.96/28

They worked for me.

Like 1 person likes this

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Nov 06, 2018 in Bitbucket

Upgrade Best Practices

Hello! My name is Mark Askew and I am a Premier Support Engineer for products Bitbucket Server/Data Center, Fisheye & Crucible. Today, I want to bring the discussion that Jennifer, Matt, and ...

409 views 5 9
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you