It's not the same without you
Join the community to find out what other Atlassian users are discussing, debating and creating.
So I just found out that you can get the entire repository without logging into bitbucket. Obviously I don't want that happening. I have set up SSH keys to use with Git and that works fine.
How can I prevent anyone from accessing my stuff?
Hey there,
When you set up SSH for your Bitbucket account, you're able to use the SSH private key for authentication. This means that it's as important to make sure you keep your private key private as it is to keep your password and username private, combined.
To directly answer your question, you prevent people from accessing your stuff by keeping that private key private. For instance, never, ever transmit the private key over the network; if you ever think your private key is compromised, destroy it, revoke its access, and make a fresh one.
This is not a key-pair issue:
I was getting ready to set up the keys on another machine (I had nothing configured on that machine at all, not even Git.) I was remotely connected to this computer from one that was logged into bitbucket.
Without thinking, I copied the url from a file in my download (the private key!) on one computer and pasted it into my browser on the other (that was not set up yet.) I was able to download the file(!) So for grins, I copied the URL for the zip file (Download Repository) from the first computer and pasted it into the browser on the second and low and behold, I was able to download the entire contents of my repository without ever logging in!
This community is celebrating its one-year anniversary and Atlassian co-founder Mike Cannon-Brookes has all the feels.
Read moreBitbucket Pipelines helps me manage and automate a number of serverless deployments to AWS Lambda and this is how I do it. I'm building Node.js Lambda functions using node-lambda ...
Connect with like-minded Atlassian users at free events near you!
Find a groupConnect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.
Start an AUGYou're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.