I am investigating the concept of cloud hosting of VCS, I know that bitbucket provides the feature of private remote repository. Secure conection to the remote repositores can be established using ssh protocol, which relies on key-pair to authenticate the connection. Now, my concern is what if the key-pair is leaked to the outside, then access to the private repository becomes very easy.
I have investigated a bit, and found that bitbucket doesn't support 2-factor authentication or IP filtering to prevent such breech.
My question is, is there a way of enhancing the private remote repository?
At this time, Bitbucket doesn't offer IP Filtering or Two-Factor authentication, nor is it on an immediate roadmap. However, you can help us prioritize this work in the future by voting on these two issues: https://bitbucket.org/site/master/issue/5811/support-two-factor-authentication-bb-7016 and https://bitbucket.org/site/master/issue/3717/limiting-repo-access-by-ip-address-bb-3715. We still follow the Feature Implimentation Policy, but the votes are a part of our evaluation.
Ultimately, if you need this much control over your environment, we recommend switching to our behind the firewall product Stash. It offers many of the same features of Bitbucket, but you are 100% in control as it runs in your own network and hardware.
This community is celebrating its one-year anniversary and Atlassian co-founder Mike Cannon-Brookes has all the feels.Read more
Bitbucket Pipelines helps me manage and automate a number of serverless deployments to AWS Lambda and this is how I do it. I'm building Node.js Lambda functions using node-lambda ...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs