I have a script that uses SSH to pull the latest repo from bitbucket.org to a remote server.
ssh -t -t -p 722 <server-credentials> <<'ENDSSH'
cd <path-to-server-repo>.git
git fetch -vvv ssh://git@bitbucket.org/<path-to-bitbucket-repo>.git master
git --work-tree=$HOME/<path-to-work-tree> reset --hard FETCH_HEAD
ENDSSH
When it reaches the git fetch line it responds with...
The authenticity of host 'bitbucket.org (104.192.141.1)' can't be established.
ECDSA key fingerprint is SHA256:FC73VB6C4OQLSCrjEayhMp9UMxS97caD/Yyi2bhW/J0.
ECDSA key fingerprint is MD5:dc:05:b9:ef:7e:67:f0:a5:16:2c:28:1a:b8:3a:86:2c.
Are you sure you want to continue connecting (yes/no)?
When I enter yes, nothing happens. Until eventually...
packet_write_wait: Connection to <IP and port>: Broken pipe
This script works fine on another server - just not this one.
Examining ~/.ssh/known_hosts, there are several entries for bitbucket.org - at least some of which seem to correspond to the required public key.
Hi @TinkerBill,
You can execute the following command in order to remove any old Bitbucket host keys from the known_hosts file and ensure that the current host keys are there:
ssh-keygen -R bitbucket.org && curl https://bitbucket.org/site/ssh >> ~/.ssh/known_hosts
This command needs to be executed on the remote server where you fetch from the Bitbucket repo.
You can then execute the following command
ssh git@bitbucket.org host_key_info
and compare the fingerprint in the output with the fingerprints listed here, to ensure that it matches one of our keys.
The broken pipe error seems to come from the SSH connection between the machine that runs the script and the server it connects to. The server may be closing connections that are idle for too long.
You can try updating the ClientAliveInterval option on your server's sshd_config file:
However, this error may go away if you update the host keys in known_hosts and the git fetch command no longer requires input.
Kind regards,
Theodora
Thanks @Theodora Boudale . That's working.
I now realise that I'd been investigating/changing the known_hosts file on my Mac, whereas it's the one on the remote server that bitbucket is checking.
Older, wiser and grateful.
Bill
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Bill,
That's good to hear and you are very welcome.
Please feel free to reach out if you ever need anything else!
Kind regards,
Theodora
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.