Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

We receive an email about SSH changes

nverdaguer
Contributor
June 20, 2023

We receive an email with this link:

https://bitbucket.org/blog/ssh-host-key-changes?utm_source=alert-email&utm_med

 

We use ssh key to authenticate sourcetree, version 3.4.13, the last one (on windows 10) against bitbucket.org

Sourcetree use putty/pageant as ssh client

It's absolutely crazy reconfigure this

The error in sourcetree pull (in for example: git@bitbucket.org:softneos/reserva-play.git) says:

-------

git -c diff.mnemonicprefix=false -c core.quotepath=false --no-optional-locks fetch --no-tags origin
WARNING - POTENTIAL SECURITY BREACH!
The host key does not match the one PuTTY has cached
for this server:
bitbucket.org (port 22)
This means that either the server administrator has
changed the host key, or you have actually connected
to another computer pretending to be the server.
The new rsa2 key fingerprint is:
ssh-rsa 3072 SHA256:46OSHA1Rmj8E8ERTC6xkNcmGOw9oFxYr0WF6zWW8l1E
If you were expecting this change and trust the new key,
enter "y" to update PuTTY's cache and continue connecting.
If you want to carry on connecting but without updating

---------

 

We want the detailed STEPS, no more losing time. VERY URGENT, we cannot work

Thanks in advance

 

best,

7 answers

1 accepted

11 votes
Answer accepted
Mickael Merlet
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
June 21, 2023

Yes.
Run Putty.exe

Connect to bitbucket.org :

2023-06-21_11h00_17.png

And then clic Yes :

2023-06-21_10h58_30.png

nverdaguer
Contributor
June 21, 2023

Thank you very much

We have tried with regedit (in order to delete cache of putty) but no results

 

Your answer worked perfect for me

Thanks @Mickael Merlet 

Like Mickael Merlet likes this
Adonias Landa
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
June 27, 2023

That worked for me too! Thanks @Mickael Merlet 

Like Mickael Merlet likes this
10 votes
Jonathan Bouillet
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
June 21, 2023

GO to :

AppData\Local\SourceTree\app-3.4.13\tools\putty

Open PowerShell in the folder

type

.\plink.exe -ssh git@bitbucket.org
answer y and wait a bit

Ctrl+c

Should be Fixed

0 votes
KIRINPUTRA
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
June 23, 2023

(delete)

0 votes
vlasov June 21, 2023

Just in case, I will add instructions for OpenSSH and SourceTree.

I will also add a link to the instruction in Russian

Instructions for Mac are in this video.

I use OpenSSH because bitbucket instructions usually talk about it. So I decided not to use Pageant/Putty.
————————————————————
————————————————————
1. First, we follow their instructions, which most likely will not work for you, open the terminal and write:


ssh git@bitbucket.org host_key_info

It will show you a similar error:


@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @@@@@@@@@
@WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
SHA256: blah blah.
Please contact your system administrator.
Add correct host key in C:\\Users\\Andrew/.ssh/known_hosts to get rid of this message.
Offending RSA key in C:\\Users\\Andrew/.ssh/known_hosts:1
RSA host key for bitbucket.org has changed and you have requested strict checking.
Host key verification failed.

2. Then we go to solve the problem. You need to create new keys that bitbucket accepts:
https://support.atlassian.com/bitbucket-cloud/docs/set-up-personal-ssh-keys-on-windows/#Create-an-SSH-key-pair

That is, we use the command:


ssh-keygen -t ed25519 -b 4096 -C "YourBitbucketMail" -f bitbucket_work

Please note that I entered the name of the future bitbucket_work key file here - purely for convenience. If you do the same, then it will be easier to copy commands later, since the file name will be used everywhere.

In the root of the user folder C:\Users\YourUsername\ 2 files appear:
bitbucket_work - private key
bitbucket_work.pub - public key

In the C:\Users\YourUsername\.ssh folder, create a text file with no extension called config - this is the ssh configuration file that the ssh agent will use.
Inside add the following:


Host bitbucket.org
AddKeysToAgent yes
IdentityFile bitbucket_work

3. Now you also need to add your key to the Bitbucket service itself. To do this, go to Settings (gear in the upper right corner) → Personal Bitbucket Settings → SSH keys → Click the "Add key" button and paste the contents of your bitbucket_work.pub file (public key) there. Label as you wish.

4. So, after creating the keys and the configuration file, you need to add the key to the ssh agent. By default, it will not let you do this, since it is not running. Therefore, we follow this instruction: https://unix.stackexchange.com/questions/464574/ssh-add-returns-with-error-connecting-to-agent-no-such-file-or-directory

1. Check the current status of ssh-agent:

Get-Service | ?{$_.Name -like '*ssh-agent*'} | select -Property Name, StartType, Status

2. Enable the Service if it is disabled:

Set-Service -Name ssh-agent -StartupType Manual

3. Start the Service:

Start-Service ssh-agent

Agent started. NOW you can add a key to it:


ssh-add bitbucket_work

Here we use the ssh-add <path to the key> command, but since we are already in the correct directory, we simply enter the file name.

In the console you will see the message:


Identity added: bitbucket_work (YourMail)

Now you can check if bitbucket access works:


ssh -T git@bitbucket.org


You will see a response like this:


authenticated via ssh key.

You can use git to connect to Bitbucket. Shell access is disabled

Finally, you need to set up the SourceTree. Go to Tools → Options. Choose an SSH client: OpenSSH. Enter your private key in the key field 

Sourcetree_ssh_Screenshot.png

After all these manipulations, SourceTree should work.

0 votes
mai_il_2011 June 21, 2023

Mickael Merlet's answer worked for me. Absolutely insane that they wouldn't include these steps in their documentation. SourceTree and Bitbucket are utter garbage when it comes to telling you how their own software works. They push updates out the door with little to no documentation.

nverdaguer
Contributor
June 21, 2023

Totally insane. It's a shame they don't talk about SourceTree for Windows (+putty as ssh client) connected to bitbucket.org via ssh. They make a critical change and only consider 10% of the possible scenarios. Surely other scenarios are not documented either

0 votes
Marko Kecman
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
June 21, 2023

Same problem, and instructions don't work.. just lost several hours of "work". 

nverdaguer
Contributor
June 21, 2023

Answer of @Mickael Merlet works for me!

Like Mickael Merlet likes this
0 votes
vlasov June 21, 2023

Have you found a solution?

nverdaguer
Contributor
June 21, 2023

Yes, answer of @Mickael Merlet works for me!

Like Mickael Merlet likes this

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
SERVER
TAGS
AUG Leaders

Atlassian Community Events