Bitbucket security of remote repository

Hi,

I am investigating the concept of cloud hosting of VCS, I know that bitbucket provides the feature of private remote repository. Secure conection to the remote repositores can be established using ssh protocol, which relies on key-pair to authenticate the connection. Now, my concern is what if the key-pair is leaked to the outside, then access to the private repository becomes very easy.

I have investigated a bit, and found that bitbucket doesn't support 2-factor authentication or IP filtering to prevent such breech.

My question is, is there a way of enhancing the private remote repository?

1 answer

1 accepted

At this time, Bitbucket doesn't offer IP Filtering or Two-Factor authentication, nor is it on an immediate roadmap. However, you can help us prioritize this work in the future by voting on these two issues: https://bitbucket.org/site/master/issue/5811/support-two-factor-authentication-bb-7016 and https://bitbucket.org/site/master/issue/3717/limiting-repo-access-by-ip-address-bb-3715. We still follow the Feature Implimentation Policy, but the votes are a part of our evaluation.

Ultimately, if you need this much control over your environment, we recommend switching to our behind the firewall product Stash. It offers many of the same features of Bitbucket, but you are 100% in control as it runs in your own network and hardware.

Suggest an answer

Log in or Join to answer
Community showcase
Piotr Plewa
Published Dec 27, 2017 in Bitbucket

Recipe: Deploying AWS Lambda functions with Bitbucket Pipelines

Bitbucket Pipelines helps me manage and automate a number of serverless deployments to AWS Lambda and this is how I do it. I'm building Node.js Lambda functions using node-lambda&nbsp...

638 views 0 4
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you
Atlassian Team Tour

Join us on the Team Tour

We're bringing product updates and pro tips on teamwork to ten cities around the world.

Save your spot