Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Interests
See all
Community resources
Top groups
Explore all groups
Community resources
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Join now to unlock these features and more

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Get started Tell me more
Atlassian Community about banner
4,552,203
Community Members
 
Community Events
184
Community Groups

known_hosts messed up after ssh-host-key-changes instructions

josir
josir May 16, 2023

I followed the instructions about the new host keys:

https://bitbucket.org/blog/ssh-host-key-changes

After that, when I tried to pull something from bitbucket, I got:

Warning: the ECDSA host key for 'bitbucket.org' differs from the key for the IP address '2406:da00:ff00::22e9:9f55'
Offending key for IP in /home/josir/.ssh/known_hosts:32
Matching host key in /home/josir/.ssh/known_hosts:166

I tried to remove all bitbucket keys:

ssh-keygen -R bitbucket.org

and replay the process. But the same problem occurs.

I also noticed that "curl https://bitbucket.org/site/ssh" is returning a different format that known_hosts stores.

I'm using Ubuntu 22.04

Could someone help me with that?

Answer
Watch
Like # people like this
1204 views

2 answers

2 votes
Julian
Julian May 17, 2023

I noticed the same: curl https://bitbucket.org/site/ssh" is returning a different format
Go to the site using the browser and copy the content into ~./ssh/known_hosts

View More Comments
Morag Grey
MoG
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
May 22, 2023 • edited

Thanks Julian! This worked for me. 

Like
Erik Yamamoto
Erik Yamamoto
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
May 23, 2023

Same here, curl didn't work, but copy and paste directly from the link to the known_hosts file worked fine! Thanks!

Like
Reply
0 votes
Theodora Boudale
Theodora Boudale
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 17, 2023

Hi @josir,

You can create a ticket with the support team and a support engineer will help you with these issues. You can create a ticket via https://support.atlassian.com/contact/#/

  • In "What can we help you with?" select Technical issues and bugs
  • In "Which product is this for?" select Bitbucket Cloud
  • In the next field enter your workspace URL
  • In "Are you having an issue with Bitbucket SSH Connections?" select Yes
  • Then, scroll down and select Need more help? to fill in the ticket details

Kind regards,
Theodora

View More Comments
josir
josir May 17, 2023

Thanks Theodora. When support team respond, I will post the answer here. It can be helpfull to other users.

Like # people like this
Jessica Hrudey
Jessica Hrudey
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
May 17, 2023

That would be great if you could share the answer when you get it, Josir. Thanks! I am having the same issue.

Like josir likes this
Mickael Merlet
Mickael Merlet May 17, 2023 • edited

Hello,
I am having the same issue too : 

$ ssh git@bitbucket.org host_key_info
Warning: the ECDSA host key for 'bitbucket.org' differs from the key for the IP address '***.***.***.*'
Offending key for IP in /c/Users/mm/.ssh/known_hosts:9
Matching host key in /c/Users/mm/.ssh/known_hosts:14
Are you sure you want to continue connecting (yes/no)? yes
You are using host key with fingerprint:
ecdsa-sha2-nistp256 SHA256:****

Like josir likes this
artem_fedirchyk
artem_fedirchyk May 17, 2023

Hi guys, I have the same issue too. Thank you in advance for the answer!

Like josir likes this
Jun jun Tomagan
Jun jun Tomagan May 18, 2023

I'm having this issue too after following the steps from https://bitbucket.org/blog/ssh-host-key-changes. 

$ git pull
Warning: the ECDSA host key for 'bitbucket.org' differs from the key for the IP address 'xxx.xxx.xxx.x'
Offending key for IP in /home/dyeyuen/.ssh/known_hosts:6
Matching host key in /home/dyeyuen/.ssh/known_hosts:30
Are you sure you want to continue connecting (yes/no)? yes
From bitbucket.org:my_org/my_repo

...leaving this comment here to get notifications for updates. Thanks!

Like josir likes this
Jackson Douglas
Jackson Douglas
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
May 18, 2023

Hi folks, I have the same issue too. Thank you in advance for the answer!

Like josir likes this
Julian
Julian May 18, 2023

@Jun jun Tomagan I think you have to remove the previous entries of bitbucket in known_hosts file
Those are the old public keys 

Like
Julian
Julian May 18, 2023

I repost my previous comment here:

I noticed the same: curl https://bitbucket.org/site/ssh" is returning a different format. Go to the site using the browser and copy the content into ~./ssh/known_hosts

Like Bruna Vitoria likes this
Patrik S
Patrik S
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 18, 2023

Hello all,

The warning message you are receiving is likely related to old entries on your known_hosts file that are pointing to the bitbucket IP, instead of the domain name bitbucket.org.

To resolve this issue, you can remove the older entries and store the new ones using the following command : 

ssh-keygen -R bitbucket.org && sed -i.old -e '/AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/d' ~/.ssh/known_hosts && curl https://bitbucket.org/site/ssh >> ~/.ssh/known_hosts

This is also covered in our Bitbucket Cloud SSH rotation FAQ

Thank you!

Patrik S

Like
josir
josir May 18, 2023

Hi Patrick, I've done that already. But this command didn't add the new key:

josir@casa2:~$ ssh git@bitbucket.org host_key_info
You are using host key with fingerprint:
ecdsa-sha2-nistp256 SHA256:FC73VB6C4OQLSCrjEayhMp9UMxS97caD/Yyi2bhW/J0

See https://bitbucket.org/blog/ssh-host-key-changes for more details.

It's better than the published on blog because it removes the duplicated lines but it didn't add the new host key.

I created a support ticket for that:

https://support.atlassian.com/requests/BBS-202972

Like
hsandt
hsandt May 24, 2023

I cannot see the ticket. Is is private?

I also noticed that https://bitbucket.org/site/ssh doesn't show the same RSA key as https://bitbucket.org/blog/ssh-host-key-changes, probably because the former is the current one and the latter shows the new RSA key after the rotation in June 20 (this means if you added it before, it will cease to work after the rotation date; but you should switch to ECDSA/ED25519 anyway).

I'll probably just add those 2 keys manually, then see if I also get a warning.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
DEPLOYMENT TYPE
CLOUD
PERMISSIONS LEVEL
Site Admin
TAGS
AUG Leaders

Atlassian Community Events

See all events