You're on your way to the next level! Join the Kudos program to earn points and save your progress.
Level 1: Seed
25 / 150 points
1 badge earned
Challenges come and go, but your rewards stay with you. Do more to earn more!
What goes around comes around! Share the love by gifting kudos to your peers.
Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!
Join now to unlock these features and more
I had been on another part of a project for a while, so the repository wasn't accessed for about 10 months or so.
2 days ago, I was tasked on working on it again, only to find out the repository had disappeared. Other repositories on our account hadn't, just this one, so that was odd. I had other things on my to-do list, and I wasn't worried (I still had the local files), so I decided I'd try to fix it today.
As if by miracle, today the repository was back as if it was never gone. I was relieved for a moment until I tried to test access to the repository with a pull request.
As you can see, things got a lot more odd. I went to check my RSA keys and those on bitbucket only to find out those were still the same... but the fingerprint I left partially unredacted in the image above (SHA256:4*******************************E) was not the fingerprint I had listed in my known_hosts.
Conclusion; either bitbucket must have changed servers/fingerprints at some point in the last 10 months, or I am actually dealing with a man-in-the-middle attack?
Can someone confirm if bitbucket made such changes in the last 10 months?
And if not... welp... does anyone know how to get rid of a man-in-the-middle attacker?
G'day @HS_Elwin !
We rotated our SSH host key back in May of this year. If that host key has not been updated on your end, you will receive that error message.
Please refer to our article for troubleshooting steps to fix this:
Hope this helps, let me know if any issues.
- Ben (Bitbucket Cloud Support)