Since today, it is not possible to connect to any repository with any user or any pc. I have tried to access the repositories with different users (with different ssh credentials), with different PCs and different repositories. https-access is working so far.
Yesterday, the ssh access worked without problems. As there was no software update on the server in the night, I have no clue what could be the reason. As the access problem exists on all clients, I think it must be a server issue. Therefore I tried to upgrade to the newest bitbucket software. The upgrade worked perfectly so far, however ssh access is still not possible.
According to netstat (sudo netstat -plnt), the port 7999, the port is listened.
tcp6 0 0 :::7999 :::* LISTEN 3683/java
Has anyone any hint, why the ssh access is not possible any more?
This is the result of the console:
ssh -p 7999 -vT git@***.com whoami
OpenSSH_7.1p1, OpenSSL 1.0.2d 9 Jul 2015
debug1: Reading configuration data /c/Users/Mathias/.ssh/config
debug1: /c/Users/Mathias/.ssh/config line 1: Applying options for ***.com
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to stash.repalogic.com [***] port 7999.
debug1: Connection established.
debug1: identity file /c/Users/Mathias/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/Mathias/.ssh/id_rsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.1
debug1: Remote protocol version 2.0, remote software version SSHD-UNKNOWN
debug1: no match: SSHD-UNKNOWN
debug1: Authenticating to ***.com:7999 as 'git'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-sha2-256 none
debug1: kex: client->server aes128-ctr hmac-sha2-256 none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ssh-rsa SHA256:***
debug1: Host '[***.com]:7999' is known and matches the RSA host key.
debug1: Found key in /c/Users/Mathias/.ssh/known_hosts:1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /c/Users/Mathias/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug1: Authentication succeeded (publickey).
Authenticated to ***.com ([***]:7999).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: Sending command: whoami
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: channel 0: free: client-session, nchannels 1
Transferred: sent 3160, received 1672 bytes, in 0.1 seconds
Bytes per second: sent 22734.8, received 12029.3
debug1: Exit status 1
I found an interesting log entry, however still no clue what happened:
c.a.b.i.ssh.server.SshCommandAdapter git was successfully authenticated via public key, but is no longer active in the underlying user directory. The request has been blocked
So that seems to be the reason why no ssh access is possible. It seems that there was no connection to the jira server for a longer time (seems to be ssl problems) and that therefore the accounts have been blocked.
Found the reason why no ssh login was possible any more.
The bitbucket server was connected to jira, however the ssl certificate was not trusted (the jira certificate was not in the truststore of the bitbucket server). Thus, no user directory synchronisation was possible. Bitbucket blocked now the ssh login. Reanabling the user synchronisation fixed the problem.
Hello! My name is Mark Askew and I am a Premier Support Engineer for products Bitbucket Server/Data Center, Fisheye & Crucible. Today, I want to bring the discussion that Jennifer, Matt, and ...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs