Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,361,502
Community Members
 
Community Events
168
Community Groups

What is bitbucket RSA key fingerprint?

Where can I check the current Bitbucket RSA key fingerprint?

I'm getting these when connecting, but I don't want to 'trust on first connect' without confirmation from other source.

RSA key fingerprint is 97:8c:1b:f2:6f:14:6b:5c:3b:ec:aa:46:46:74:7c:40.

RSA key fingerprint is SHA256:zzXQOXSRBEiUtuE8AikJYKwbHaxvSc0ojez9YXaGp1A.

 

 

 

3 answers

1 accepted

3 votes
Answer accepted
jredmond Atlassian Team Feb 24, 2016

When I follow that link it redirects me to a different page and I can’t find where the fingerprints are listed on it. Where’s a good place to find this information these days? Or could you give me step-by-step instructions on how far to scroll into the page and what things to expand to find it?

Like yrosenthal likes this
Deleted user Jun 27, 2018
Like # people like this

These links are all dead already.

All 3 links are ok when I try.

Perhaps I just don't have access?  I get:

 

"Something went wrong.

We're moving mountains to get it sorted."

Correct me if I'm wrong but these pages only list the bitbucket.org finger prints.  Where is the altssh.bitbucket.org:443 finger print published?

As of just now, that page no longer lists the fingerprints:

Screenshot 2022-01-12 161641.png

The suggestion to use ssh-keyscan amounts to not checking the fingerprint at all (see https://security.stackexchange.com/questions/251496/is-getting-server-host-key-with-ssh-keyscan-secure).

Has Atlassian changed it RSA fingerprint?

I'm getting this since now

 

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
SHA256:3XxnFBKg0mjT5ZBCiHv2nT0HxT3HsRCJoqiJF8zMc+A.

The fingerprint is different from the one detailed in the wiki posted before.

jredmond Atlassian Team Dec 12, 2018

No, the key has not changed, so that fingerprint is invalid. Are you connecting through a proxy?

Thanks, it was a proxy. Working now

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Bitbucket

Git push size limits are coming to Bitbucket Cloud starting April 4th, 2022

Beginning on April 4th, we will be implementing push limits. This means that your push cannot be completed if it is over 3.5 GB. If you do attempt to complete a push that is over 3.5 GB, it will fail...

3,495 views 3 10
Read article

Atlassian Community Events