The Atlassian Community can help you and your team get more value out of Atlassian products and practices.
Is it still possible to use RSA keys for SSH authentication in bitbucket?
I've been using bitbucket since a while back and I have been using a Yubikey+GPG+gpgagent to authenticate against my bitbucket repositories. One day, it suddenly stopped working while still working on other git cloud repository providers. Public key was the same and I tested on different computers.
After some investigation I realized that the problem was not the Yubikey or the fact that I was using `gpgagent`.
* If I generate a ssh-key with `ssh-keygen -t rsa` and I add the public key to my SSH keys, I can't use it for authentication.
* If I generate a ssh-key with `ssh-keygen -t ed25519` then everything works fine.
G'day!
The RSA SHA-1 hash algorithm is being quickly deprecated across operating systems and SSH clients because of various security vulnerabilities, with many of these technologies now outright denying the use of this algorithm. For example, here is a link to an announcement from OpenSSH mentioning the same:
https://www.openssh.com/txt/release-8.2
In order to re-enable ssh-rsa support, inserting the following line into the affected SSH client's config file can re-enable this algorithm:
PubkeyAcceptedKeyTypes +ssh-rsa
Please note that this is not a recommended solution and we would recommend using ECDSA and ED25519 hash algorithms instead.
Cheers!
- Ben (Bitbucket Cloud Support)
Beginning on April 4th, we will be implementing push limits. This means that your push cannot be completed if it is over 3.5 GB. If you do attempt to complete a push that is over 3.5 GB, it will fail...
Connect with like-minded Atlassian users at free events near you!
Find an eventConnect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.
Host an eventYou're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.