Bitbucket requires keys to be at least 1024 bits long, but mine is!

So I want to set up SSH between sourcetree and my bitbucket account. In sourcetree I click create SSH key and in the pop up menu I create a key with default settings (wich is 1024 bits length). Then I go to bitbucket and set up SSH, it then asks me to copy paste the key, which I do. But then it rejects the key for not being 1024 bits long, while it was made with the setting at 1024 bits!

Am I doing something wrong or is this a bug?

 

putty-key-wth.png

4 answers

0 vote

I had the same issue, I was able to resolve it by changing the 'Number of bits in a generated key' to a number over 1024 (say 1025), and re-generated the key

0 vote

I would strongly urge you to build larger keys - at least 2048 bits for RSA, and bigger if you can. 1024-bit RSA keys have not been considered secure for quite some time now (http://csrc.nist.gov/groups/ST/toolkit/documents/draftSP800-131_June_11_2010.pdf is a recommendation from 2010 to phase out 1024-bit keys) and I'm surprised we still support RSA keys that small.

I'd also check to see if a newer version of Putty supports elliptic key algorithms, such as ECDSA or Ed25519.

0 vote
Mark Adams Atlassian Team Sep 15, 2017

Hi Lennart! 

Jim is definitely correct that we recommend that SSH keys using RSA have a key strength of at least 2048 bits to continue to be secure. I think the simplest solution to your issue is to try generating a 2048-bit key instead.

However, it is odd that the key generated by Putty is not passing our validation. If it wouldn't be too much trouble, could you file a support ticket at http://support.atlassian.com and include the failing public key so that we can analyze it in more detail?

Thanks!

Mark Adams
Sr Developer, Bitbucket

0 vote

I know this is an old issue, and Keys are required to be "at least 2048" bits long. But you guys forgot to put an equals sign on the checking part of your code... (again) :)

Keys are not required to be "at least least 2048" but they have to be longer that that. :D 2048 is not enough. 

Suggest an answer

Log in or Join to answer
Community showcase
Piotr Plewa
Published Dec 27, 2017 in Bitbucket

Recipe: Deploying AWS Lambda functions with Bitbucket Pipelines

Bitbucket Pipelines helps me manage and automate a number of serverless deployments to AWS Lambda and this is how I do it. I'm building Node.js Lambda functions using node-lambda&nbsp...

710 views 0 4
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you
Atlassian Team Tour

Join us on the Team Tour

We're bringing product updates and pro tips on teamwork to ten cities around the world.

Save your spot