Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

known_hosts messed up after ssh-host-key-changes instructions

josir
Contributor
May 16, 2023

I followed the instructions about the new host keys:

https://bitbucket.org/blog/ssh-host-key-changes

After that, when I tried to pull something from bitbucket, I got:

Warning: the ECDSA host key for 'bitbucket.org' differs from the key for the IP address '2406:da00:ff00::22e9:9f55'
Offending key for IP in /home/josir/.ssh/known_hosts:32
Matching host key in /home/josir/.ssh/known_hosts:166

I tried to remove all bitbucket keys:

ssh-keygen -R bitbucket.org

and replay the process. But the same problem occurs.

I also noticed that "curl https://bitbucket.org/site/ssh" is returning a different format that known_hosts stores.

I'm using Ubuntu 22.04

Could someone help me with that?

7 answers

1 accepted

112 votes
Answer accepted
josir
Contributor
May 22, 2023

Hi folks, problem solved by support.

1) To remove duplicates entries:

 ssh-keygen -R bitbucket.org && sed -i.old -e '/AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/d' ~/.ssh/known_hosts && curl https://bitbucket.org/site/ssh >> ~/.ssh/known_hosts

2) To add new entries:

curl https://bitbucket.org/site/ssh >> ~/.ssh/known_hosts

3) To test if works:

ssh git@bitbucket.org host_key_info

The answer could be 2 entries (blog just note one of them):

256 SHA256:FC73VB6C4OQLSCrjEayhMp9UMxS97caD/Yyi2bhW/J0 bitbucket.org (ECDSA)
256 SHA256:ybgmFkzwOSotHTHLJgHO0QN8L0xErw6vd0VhFA9m3SM bitbucket.org (ED25519)

dyey May 23, 2023

Thanks @josir this worked for me.

Like josir likes this
Jackson Douglas
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
June 13, 2023

Thanks, @josir works!

Like josir likes this
Stanislav Filev
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
June 14, 2023

Thanks @josir this saved me a lot of time

Like josir likes this
Vacit
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
June 15, 2023

thanks, saved a day of debugging :pray:

Like josir likes this
Dan Ade
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
June 16, 2023

ChatGPT was clueless. Award goes to human this time. Thanks mate. 

Like # people like this
Ricardo Pérez Lorenzo
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
June 20, 2023

Thanks @josir 

Like josir likes this
Surya Van Lierde June 20, 2023

Thanks for taking the time to share the solution

Like josir likes this
hbozhao
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
June 20, 2023

I had the exact same issue. This worked like a charm!

Like josir likes this
Anil Agrawal
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
June 20, 2023

It worked.! Thanks.

Like josir likes this
kvaitulys
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
June 20, 2023

thanks

Like josir likes this
Jake Grabowski
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
June 21, 2023

thank you :)

Like josir likes this
Gennaro June 21, 2023

after using this commands this is What I can see:
ssh-keygen -R bitbucket.org && sed -i.old -e '/AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/d' ~/.ssh/known_hosts && curl https://bitbucket.org/site/ssh >> ~/.ssh/known_hosts
# Host bitbucket.org found: line 5 type RSA
# Host bitbucket.org found: line 6 type ECDSA
/root/.ssh/known_hosts updated.
Original contents retained as /root/.ssh/known_hosts.old
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 836 100 836 0 0 2319 0 --:--:-- --:--:-- --:--:-- 2315
root@-Frontend:~#
root@-Frontend:~#
root@-Frontend:~#
root@-Frontend:~#
root@-Frontend:~#
root@-Frontend:~# curl https://bitbucket.org/site/ssh >> ~/.ssh/known_hosts
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 836 100 836 0 0 2305 0 --:--:-- --:--:-- --:--:-- 2303
root@-Frontend:~#
root@-Frontend:~#
root@-Frontend:~#
root@-Frontend:~#
root@-Frontend:~# ssh git@bitbucket.org host_key_info
key_read: uudecode AAAAC3NzaC1lZDI1NTE5AAAAIIazEu89wgQZ4bqs3d63QSMzYVa0MuJ2e2gKTKqu+UUObitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDQeJzhupRu0u0cdegZIa8e86EG2qOCsIsD1Xw0xSeiPDlCr7kq97NLmMbpKTX6Esc30NuoqEEHCuc7yWtwp8dI76EEEB1VqY9QJq6vk+aySyboD5QF61I/1WeTwu+deCbgKMGbUijeXhtfbxSxm6JwGrXrhBdofTsbKRUsrN1WoNgUa8uqN1Vx6WAJw1JHPhglEGGHea6QICwJOAr/6mrui/oB7pkaWKHj3z7d1IC4KWLtY47elvjbaTlkN04Kc/5LFEirorGYVbt15kAUlqGM65pk6ZBxtaO3+30LVlORZkxOh+LKL/BvbZ/iRNhItLqNyieoQj/uh/7Iv4uyH/cV/0b4WDSd3DptigWq84lJubb9t/DnZlrJazxyDCulTmKdOR7vs9gMTo+uoIrPSb8ScTtvw65+odKAlBj59dhnVp9zd7QUojOpXlL62Aw56U4oO+FALuevvMjiWeavKhJqlR7i5n9srYcrNV7ttmDw7kf/97P5zauIhxcjX+xHv4M=
failed
key_read: uudecode AAAAC3NzaC1lZDI1NTE5AAAAIIazEu89wgQZ4bqs3d63QSMzYVa0MuJ2e2gKTKqu+UUObitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDQeJzhupRu0u0cdegZIa8e86EG2qOCsIsD1Xw0xSeiPDlCr7kq97NLmMbpKTX6Esc30NuoqEEHCuc7yWtwp8dI76EEEB1VqY9QJq6vk+aySyboD5QF61I/1WeTwu+deCbgKMGbUijeXhtfbxSxm6JwGrXrhBdofTsbKRUsrN1WoNgUa8uqN1Vx6WAJw1JHPhglEGGHea6QICwJOAr/6mrui/oB7pkaWKHj3z7d1IC4KWLtY47elvjbaTlkN04Kc/5LFEirorGYVbt15kAUlqGM65pk6ZBxtaO3+30LVlORZkxOh+LKL/BvbZ/iRNhItLqNyieoQj/uh/7Iv4uyH/cV/0b4WDSd3DptigWq84lJubb9t/DnZlrJazxyDCulTmKdOR7vs9gMTo+uoIrPSb8ScTtvw65+odKAlBj59dhnVp9zd7QUojOpXlL62Aw56U4oO+FALuevvMjiWeavKhJqlR7i5n9srYcrNV7ttmDw7kf/97P5zauIhxcjX+xHv4M=
failed
Permission denied (publickey).

 

Can someone help me?

magic77 June 21, 2023

generate an ed25519 key if not done yet

ssh-keygen -t ed25519

At bitbucket add an new SSH Key visiting this Page

https://bitbucket.org/account/settings/ssh-keys/

Drop in the content from "id_ed25519.pub"

now it should work

Like # people like this
Gennaro June 21, 2023

I did what @magic77 suggested:

now what we have:

ssh git@bitbucket.org host_key_info
You are using host key with fingerprint:
ecdsa-sha2-nistp256 SHA256:FC73VB6C4OQLSCrjEayhMp9UMxS97caD/Yyi2bhW/J0

See https://bitbucket.org/blog/ssh-host-key-changes for more detaills.

is it right?

 

but my pipelines still fails with this error:

Host key verification failed.
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
Like Chris Frewin likes this
magic77 June 21, 2023

@Gennarokey verification is correct now.

what helped for me was to edit known_hosts and removing all bitbucket entries

than run this command and try again

ssh-keygen -R bitbucket.org && sed -i.old -e '/AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/d' ~/.ssh/known_hosts && curl https://bitbucket.org/site/ssh >> ~/.ssh/known_hosts

if it fails again, than you should check if you setup ssh key for pipelines too for your repo

Gennaro June 21, 2023

@magic77  I have two known_hosts (I don't know why)
in ~/.ssh/known_hosts 

i can see:

|1|GXXkl0+3UrHVxtXgkGrho0a6CYo=|9uUYtTnj/od4FEE9+wecfnZ824k= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAwbRs1nivqZp6LcqI3i0x4cch5SkfVbfZK/0xZAT/q8XtmKEkgdGQ70ktmy2A4G+WbVq7bLrR+blqMUAEHoIfg=
|1|O4NNAVSC1tjy3zGxgKgdgIr6Uw4=|TVqTeA4ggJDGwt3wAnqIWljylYs= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGtVO21yPG3iUWvUnZokkIZHZYUL8SRNCsULvg6ony4YoxzfeJA+4Rt04sibB6Z8QjuBo12WLZCl4U0jdxHrzUw=
|1|bPzBAG1Yhbu03vsUTNjYEMGzrxc=|jyD5XB4x5WWOk2kjfTF6blIe+XY= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGtVO21yPG3iUWvUnZokkIZHZYUL8SRNCsULvg6ony4YoxzfeJA+4Rt04sibB6Z8QjuBo12WLZCl4U0jdxHrzUw=
|1|dgfcEjlXkG1ww7XBRqGkeQ8r9TM=|leX7BvzyQZ28UxIUDz5MQaiImBA= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGEzX0l5UW/hcw2N2e+iydjv1rTE2zpjZRTOA0KfkTmdvJlIyyaeR5vlyazts7PEiq4LYk0TEmlcgdemt+F2YHk=
|1|azllSsGuu9VsHypNqytLBaf6WD0=|mtu+Nu3CmwIKH1UJmz8lrlR0KE8= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPIQmuzMBuKdWeF4+a2sjSSpBK0iqitSQ+5BM9KhpexuGt20JpTVM7u5BDZngncgrqDMbWdxMWWOGtZ9UgbqgZE=
|1|EzZDw2QKiPtEN/sGz2eM/xCbHBo=|SUZZwJCRzFh001MfqJmMK9fGyD8= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPIQmuzMBuKdWeF4+a2sjSSpBK0iqitSQ+5BM9KhpexuGt20JpTVM7u5BDZngncgrqDMbWdxMWWOGtZ9UgbqgZE=

 

and in project folder /home/stocksmetic/.ssh:
|1|zLeMKAQAD3lQuhkRI9K9ZXr2Zug=|xOl5RuhSz5kuP+LBoTIZR0Xpmls= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw==
|1|G7uJKHHxm6eNgasBhso44VPOzn0=|6d6MJeZ+qbhe7Iiq13q31DAx5Dc= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw==
|1|zqouReFt3i0HilligE6mQqJKKf4=|T9e9kaq8tiQgIQ57ldFAnPiYmAo= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw==
|1|zjwt98sVkfg4W3fz5RZXUKUnmic=|qllR3ru7uiOgoRIjA73oFGD56/s= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw==
|1|1uE2Ce45EAvkIqwFnitWdrVoTJo=|uOVK8md8Cg/O1JBPDaP+/0dpiSE= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw==
|1|TjpvI7S7LGJj1CnPUqtlJfiQ12M=|Kv5p7qCmHkBACnwmn988N5hF24c= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAwbRs1nivqZp6LcqI3i0x4cch5SkfVbfZK/0xZAT/q8XtmKEkgdGQ70ktmy2A4G+WbVq7bLrR+blqMUAEHoIfg=
|1|jwTeUHFXKpK6eLWdbr+ymkm91gk=|pMhNd3LS1GJ43Ra+O17Nbn8nyrE= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAwbRs1nivqZp6LcqI3i0x4cch5SkfVbfZK/0xZAT/q8XtmKEkgdGQ70ktmy2A4G+WbVq7bLrR+blqMUAEHoIfg=
|1|CAW9F4onGt6gE2LUa/KAoAXBcLg=|zetLs6XC+1FtxFdLHsQLbdsZO90= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBDTvzojwFmIV+jnRCN2tpbRmWWhdZt+LOvGZJ735tv6ME0wXx72JrF2LTre+s7X+22afG3AHXIjGNlf+Zax7WAk=
|1|RAlhr1yIcEhHghD2rqKlHXQYCFQ=|onimFYxEmOBW/s3eFqfdtQALylw= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw==
|1|zrFfLDkn7N7YKg1uIisP2UKuPuE=|PxmmoHqxpCCLF3LtYHBBXt5CQng= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw==
|1|x8ow/N3IckoD+rN/02zr3CQ1rVQ=|fNZ1S6jMtHrR4P9SfMxKTLnmFEI= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw==
|1|E0KrK+GiHRs7IwLKbjtqCmc26Og=|QVZl4bl9H3aDZ7PfMAOCA0mmjoU= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBDTvzojwFmIV+jnRCN2tpbRmWWhdZt+LOvGZJ735tv6ME0wXx72JrF2LTre+s7X+22afG3AHXIjGNlf+Zax7WAk=
|1|k4kmGkHcjz5kMuw2dA4QYKSOwNo=|zsf08bclO0Hmt76HTaAUW6oe/iE= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw==

 

what lines should I delete? In witch of two files?

magic77 June 21, 2023

@Gennaronormally ssh uses the default folder "~/.ssh", but maybe you have an config file inside .ssh with additional ssh configuration setups

but try to run this command first

ssh-keygen -R bitbucket.org && sed -i.old -e '/AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/d' ~/.ssh/known_hosts && curl https://bitbucket.org/site/ssh >> ~/.ssh/known_hosts

and than check if you have access to repo, if not check ssh config for pipelines at bitbucket

Gennaro June 22, 2023

@magic77 I used the command 
ssh-keygen -R bitbucket.org && sed -i.old -e '/AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/d' ~/.ssh/known_hosts && curl https://bitbucket.org/site/ssh >> ~/.ssh/known_hosts

 

if I do the check 

ssh git@bitbucket.org host_key_info
You are using host key with fingerprint:
ecdsa-sha2-nistp256 SHA256:FC73VB6C4OQLSCrjEayhMp9UMxS97caD/Yyi2bhW/J0

See https://bitbucket.org/blog/ssh-host-key-changes for more details.
root@Stocksmetic-Frontend:~/.ssh#

 

but the pipeline still fails:

Schermata 2023-06-22 alle 09.07.01.png

Aravinth Kandasamy
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
June 22, 2023

Thanks it worked.

Like josir likes this
Theodora Boudale
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
June 23, 2023

Hi,

@Gennaro, I see that you created a ticket with the support team. Please provide in the support ticket the URL of the Pipelines build that fails and the engineer working on your ticket will look into this.

@Aravinth Kandasamy, just a heads up, it is not necessary to generate new SSH keys to connect to Bitbucket Cloud, if you already had SSH keys set up. (It is not a problem that you did though)

The "Permission denied" error means that your private SSH key is not being offered when you ssh to bitbucket.org.

You can create a file named config in your ~/.ssh folder and add the following content in this file:

Host bitbucket.org
AddKeysToAgent yes
    IdentityFile ~/.ssh/id_ed25519

Then try executing the command git@bitbucket.org host_key_info again.

Kind regards,
Theodora

Like Aravinth Kandasamy likes this
HTT
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
June 25, 2023

Edit: Solved

Aravinth Kandasamy
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
June 26, 2023

@Theodora Boudale Thanks for your suggestion. It worked for me.

Like # people like this
Cristian Ramírez
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
July 4, 2023

Thank you!

Like josir likes this
Hoang Nguyen
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
July 12, 2023

This works, thanks!

Like josir likes this
Vladimír Čamaj July 25, 2023

Thank you very much. You saved my day.

Like josir likes this
aussieinchile
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
August 1, 2023

Brilliant, thank you.

Like josir likes this
Mark Gil Gutierrez
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
October 16, 2023

Thanks brother!

Like josir likes this
3 votes
Julian May 17, 2023

I noticed the same: curl https://bitbucket.org/site/ssh" is returning a different format
Go to the site using the browser and copy the content into ~./ssh/known_hosts

MoG
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
May 22, 2023

Thanks Julian! This worked for me. 

Erik Yamamoto
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
May 23, 2023

Same here, curl didn't work, but copy and paste directly from the link to the known_hosts file worked fine! Thanks!

1 vote
Reginaldo Marques Ruiz
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
June 21, 2023

SUP Guys!!!

I Have the same problem, but, unfortable I use powershell, and in powershell this commands didn't work.

Could someone help me? Please

 

Warning: the ECDSA host key for 'bitbucket.org' differs from the key for the IP address '104.192.141.1'

0 votes
Dramico Colebrooke
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
June 23, 2023

For us we had to add a newline to the end of the curl command that was provided in the guide.

0 votes
Adam J. Mendoza
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
June 21, 2023

Excellent! Fixed the issue, thx

0 votes
magic77 June 20, 2023

Had the same Problem and tried with

 ssh-keygen -R bitbucket.org && sed -i.old -e '/AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/d' ~/.ssh/known_hosts && curl https://bitbucket.org/site/ssh >> ~/.ssh/known_hosts

Testing connection fails with:

Permission denied (publickey)

does somebody has an Idea?

 

EDIT: my fault, forgot to add the new SSH Key to bitbucket

0 votes
Theodora Boudale
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 17, 2023

Hi @josir,

You can create a ticket with the support team and a support engineer will help you with these issues. You can create a ticket via https://support.atlassian.com/contact/#/

  • In "What can we help you with?" select Technical issues and bugs
  • In "Which product is this for?" select Bitbucket Cloud
  • In the next field enter your workspace URL
  • In "Are you having an issue with Bitbucket SSH Connections?" select Yes
  • Then, scroll down and select Need more help? to fill in the ticket details

Kind regards,
Theodora

josir
Contributor
May 17, 2023

Thanks Theodora. When support team respond, I will post the answer here. It can be helpfull to other users.

Like # people like this
Jessica Hrudey
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
May 17, 2023

That would be great if you could share the answer when you get it, Josir. Thanks! I am having the same issue.

Like josir likes this
Mickael Merlet
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
May 17, 2023

Hello,
I am having the same issue too : 

$ ssh git@bitbucket.org host_key_info
Warning: the ECDSA host key for 'bitbucket.org' differs from the key for the IP address '***.***.***.*'
Offending key for IP in /c/Users/mm/.ssh/known_hosts:9
Matching host key in /c/Users/mm/.ssh/known_hosts:14
Are you sure you want to continue connecting (yes/no)? yes
You are using host key with fingerprint:
ecdsa-sha2-nistp256 SHA256:****

Like josir likes this
artem.fedirchyk
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
May 17, 2023

Hi guys, I have the same issue too. Thank you in advance for the answer!

Like josir likes this
dyey May 18, 2023

I'm having this issue too after following the steps from https://bitbucket.org/blog/ssh-host-key-changes. 

$ git pull
Warning: the ECDSA host key for 'bitbucket.org' differs from the key for the IP address 'xxx.xxx.xxx.x'
Offending key for IP in /home/dyeyuen/.ssh/known_hosts:6
Matching host key in /home/dyeyuen/.ssh/known_hosts:30
Are you sure you want to continue connecting (yes/no)? yes
From bitbucket.org:my_org/my_repo

...leaving this comment here to get notifications for updates. Thanks!

Like josir likes this
Jackson Douglas
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
May 18, 2023

Hi folks, I have the same issue too. Thank you in advance for the answer!

Like josir likes this
Julian May 18, 2023

@dyey I think you have to remove the previous entries of bitbucket in known_hosts file
Those are the old public keys 

Julian May 18, 2023

I repost my previous comment here:

I noticed the same: curl https://bitbucket.org/site/ssh" is returning a different format. Go to the site using the browser and copy the content into ~./ssh/known_hosts

Like Bruna Vitoria likes this
Patrik S
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 18, 2023

Hello all,

The warning message you are receiving is likely related to old entries on your known_hosts file that are pointing to the bitbucket IP, instead of the domain name bitbucket.org.

To resolve this issue, you can remove the older entries and store the new ones using the following command : 

ssh-keygen -R bitbucket.org && sed -i.old -e '/AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/d' ~/.ssh/known_hosts && curl https://bitbucket.org/site/ssh >> ~/.ssh/known_hosts

This is also covered in our Bitbucket Cloud SSH rotation FAQ

Thank you!

Patrik S

Like # people like this
josir
Contributor
May 18, 2023

Hi Patrick, I've done that already. But this command didn't add the new key:

josir@casa2:~$ ssh git@bitbucket.org host_key_info
You are using host key with fingerprint:
ecdsa-sha2-nistp256 SHA256:FC73VB6C4OQLSCrjEayhMp9UMxS97caD/Yyi2bhW/J0

See https://bitbucket.org/blog/ssh-host-key-changes for more details.

It's better than the published on blog because it removes the duplicated lines but it didn't add the new host key.

I created a support ticket for that:

https://support.atlassian.com/requests/BBS-202972

hsandt May 24, 2023

I cannot see the ticket. Is is private?

I also noticed that https://bitbucket.org/site/ssh doesn't show the same RSA key as https://bitbucket.org/blog/ssh-host-key-changes, probably because the former is the current one and the latter shows the new RSA key after the rotation in June 20 (this means if you added it before, it will cease to work after the rotation date; but you should switch to ECDSA/ED25519 anyway).

I'll probably just add those 2 keys manually, then see if I also get a warning.

josir
Contributor
June 16, 2023

Hi @hsandt probably all support tickets are private.

Jan Szymański
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
June 29, 2023

Thanks it works.

Zach Risher
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
January 5, 2024

@josir's original suggestion worked for me, thank you!

Like josir likes this

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
PERMISSIONS LEVEL
Product Admin
TAGS
AUG Leaders

Atlassian Community Events