I am investigating the concept of cloud hosting of VCS, I know that bitbucket provides the feature of private remote repository. Secure conection to the remote repositores can be established using ssh protocol, which relies on key-pair to authenticate the connection. Now, my concern is what if the key-pair is leaked to the outside, then access to the private repository becomes very easy.
I have investigated a bit, and found that bitbucket doesn't support 2-factor authentication or IP filtering to prevent such breech.
My question is, is there a way of enhancing the private remote repository?
At this time, Bitbucket doesn't offer IP Filtering or Two-Factor authentication, nor is it on an immediate roadmap. However, you can help us prioritize this work in the future by voting on these two issues: https://bitbucket.org/site/master/issue/5811/support-two-factor-authentication-bb-7016 and https://bitbucket.org/site/master/issue/3717/limiting-repo-access-by-ip-address-bb-3715. We still follow the Feature Implimentation Policy, but the votes are a part of our evaluation.
Ultimately, if you need this much control over your environment, we recommend switching to our behind the firewall product Stash. It offers many of the same features of Bitbucket, but you are 100% in control as it runs in your own network and hardware.
Hello! My name is Mark Askew and I am a Premier Support Engineer for products Bitbucket Server/Data Center, Fisheye & Crucible. Today, I want to bring the discussion that Jennifer, Matt, and ...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs