Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Bitbucket login without 2FA code

Justin Gocks
Justin Gocks January 14, 2018

Hello to everyone,

Unfortunately i was forced to factory reset my phone and i didn't export my 2FA codes before hand.

I also have not saved my recovery codes or simply cannot find them.

From reading the docs i understand that if i have an SSH key i can still get my recovery codes through the

ssh git@bitbucket.org recovery_codes

command.

However i am quite new to git in general and have also been using the git client GitKracken (Linked to bitbucket).

Now, when i run the command from my terminal i get the

Error: Permission denied (publickey)

error, but my client is still connected to bitbucket and i can push/pull and clone just as before.

From my understanding, if GitKracken is connected to bitbucket then it must have saved an authorized SSH key somewhere and i should find that key and move it to my home/.ssh/ folder.
Is this correct or am i missing something obvious?

Any help would be appreciated because (client aside) i am locked out of my account.

Thanks a great lot to everyone!

 

Answer
Watch
Like Be the first to like this
1512 views

2 answers

0 votes
Erica K
Erica K February 1, 2018

And this is exactly the uselessness of 2FA for Bitbucket, because every other paid vendor provides some recovery option, even if by postal mail, in cases like this.

View More Comments
Ana Retamal
Ana Retamal
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
February 2, 2018

Hi Erika, I've never heard of postal mail being an option. As is the standard, we provide 3 ways of obtaining a code:

  1. Authenticator apps.
  2. Recovery Codes.
  3. SSH Recovery.

These options are widely used across different companies (Github and Google for example) and its advantages and risks are listed in many articles, like Don't get locked out when using 2FA.

There is no other way to obtain a code outside of these options. When you enable 2FA, you are committing to making that account accessible only to a user that is able to obtain a 2FA code. For more information you can see Retrieve recovery codes through SSH.

Please let us know if you have any other questions or there's something else I can help you with.

Regards,

Ana

Like
Sagar Mutharayappa
Sagar Mutharayappa October 22, 2018

You just talk about the steps assuming everything works as described in the article- https://confluence.atlassian.com/display/BITBUCKET/Two-step+verification?&_ga=2.247633607.1733967612.1540217663-1195139508.1537973354#Two-stepverification-RetrievearecoverycodethroughSSH 

There can be tons of issues when you do that. I have spent more than a day trying to retrieve my recovery codes but still cannot. You talk about going to Bitbucket Avatar but nothing is accessible until I enter my verification code/recovery codes which cannot be retrieved. All I see is this

image.png

Like
Ana Retamal
Ana Retamal
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 23, 2018

Hi Sagar, let me step in and help you. 

You said you haven't been able to retrieve your recovery codes, why is that? Are you using the same machine where you have the SSH key to access your account? Please run the following command in your terminal and let us know if something goes wrong:

ssh git@bitbucket.org recovery_codes

You also said you can not access the Bitbucket Avatar, which is expected as you can only see it once you're logged in (not sure where you read about that). Navigating to the Bitbucket avatar is not needed during this process. 

Let us know if you need further assistance!

Best regards,

Ana

Like
Sagar Mutharayappa
Sagar Mutharayappa October 23, 2018

All it says is "Permission denied (publickey)". I have add the keys using ssh-add and I see them when I do a ssh -add -l

Like
Reply
0 votes
Ana Retamal
Ana Retamal
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 15, 2018

 

 

Hi Justin! Looks like Bitbucket could not authenticate you, can you run this command from your terminal and show us the output? This will attempt to create a connection to Bitbucket for Git and tell you which username is using: 

ssh -Tv git@bitbucket.org

You can also run this command to see which key is your SSH agent currently offering:

ssh-add -L

Note that with ssh-agent management Bitbucket uses the first key on the list.

From my understanding, if GitKracken is connected to bitbucket then it must have saved an authorized SSH key somewhere and i should find that key and move it to my home/.ssh/ folder.
Is this correct or am i missing something obvious?

Yes, that is correct. Please follow my instructions above and let us know your findings!

Best regards,

Ana

View More Comments
Justin Gocks
Justin Gocks January 15, 2018

Hello Ana,

Thanks for your answer.

The first command outputs a few lines where it seams it is attempting a connection to bitbucket but unfortunately it ends in:

debug1: No more authentication methods to try.
Permission denied (publickey).

The second command outputs:

The agent has no identities.

So it seams like my ssh client does not have the keys stored where it expects them to be.

But i can confirm that my git client (GitKraken) still has a working connection.

Thanks again,
Justin

Like
Ana Retamal
Ana Retamal
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 16, 2018

Hello Justin, you'll need to find where the SSH key is stored and move it to the default location.

Regarding GitKraken, if still has a connection it could be because it has access to the SSH key somewhere, or maybe because the previous session hasn't been killed yet. If it's the first one, try to find where the SSH key is located. Otherwise, I'm afraid, you won't be able to obtain the recovery codes. 

Let us know!

Ana

Like
Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
TAGS
AUG Leaders

Atlassian Community Events

    See all events