Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

How to add bitbucket's public key to my known_hosts file?

I have a server that needs to run the command "git ls-remote" against one of my bitbucket Git repositories to locate a branch's commit hash.  I think I need to add bitbucket's public key to my .ssh/known_hosts file on my server in order to avoid the dreaded prompt, "The authenticity of 'bitbucket.org (ip6) can't be established."  However, I need to run this command inside a script.  How can I fetch that key inside my script and then write it to the known_hosts file?  I think I'm supposed to use the command "ssh-keyscan bitbucket.org >> ~/.ssh/known_hosts" but when I run that command I get some extra lines that don't look like they belong in my known_hosts file:

       # bitbucket.org:22 SSH-2.0-conker... app-133           <- Don't want this line

       # bitbucket.org:22 SSH-2.0-conker... app-126           <- Don't want this line

       bitbucket.org ssh-rsa AAAAB3N...                               <- Just need this line?

      # bitbucket.org:22 SSH-2.0-conker... app-132            <- Don't want this line

I think all I want is the third line above.  Is there a command to just pull that piece of data out so I can append it to my known_hosts file?  Thanks.

3 answers

0 votes

Hi! 

As I understand your problem mostly related IPv6, 

Please, have a look that answer 

https://stackoverflow.com/questions/42888832/cant-push-pull-to-bitbucket-via-ssh-using-ipv6

Host bitbucket
     HostName bitbucket.org
     User git
     IdentityFile ~/.ssh/id_rsa_bitbucket
     AddressFamily inet

 

I hope that info will help for you. 

 

 

Cheers,

Gonchik Tsymzhitov

Thanks Gonchik.  But I don't see how this is related to ipv6.  I'm just trying to figure out how to discover a bitbucket public RSA key programmatically so that I can insert it in my known_hosts file.  Perhaps bb posts it somewhere and I can just copy it into the file and push the file to my server.

I elected to create an SSH config file that turns off strict host key checking for my trusted host:

Host my-trusted-host.com
  StrictHostKeyChecking no

I know this is not the best solution but it is a temporary fix.

@flaugher I can offer an inelegant hack that works and allows you to not disable host key checking, which is dangerous, esp if these systems are outside a firewall). 

As you initially tried, ideally we would use ssh-keyscan to obtain the host fingerprint, and shove that into known_hosts. I had this need recently, and spent an hour or so on it but was not able to get that technique working. Neither `ssh-keyscan -H hostname` nor `ssh-keyscan -H -t rsa hostname` produced the right format for known_hosts.

I ended up punting and simply did a manual git-ssh operation, and accepted the host fingerprint manually, observed the fingerprint line that was added to my known_hosts, and copied that line for subsequent use.

In my case, I'm using Ansible to provision a Jenkins cluster that needs access to an on-prem Bitbucket instance, and I needed the git clone to work out of the box without manual intervention. So once I captured the ssh fingerprint from my known_hosts, I added this line to my Ansible playbook to make sure that line exists when bringing up new Jenkins masters/minions.

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Bitbucket

Powering DevOps with Bitbucket Server & Data Center

Hi everyone, The Cloud team recently announced 12 new DevOps features that help developers ship better code, faster   ! While we’re all excited about the new improvements to Bitbucket ...

1,787 views 0 7
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you