Using SSH keys to secure Git operations
Bitbucket Data Center and Server provides a simple way for users and other systems to connect securely to Bitbucket repositories, using SSH keys, in order to perform Git operations. You can:
- add a personal SSH key to your user account to easily authenticate when performing read operations from your local machine. A Bitbucket user can add any number of keys to their account. Read more at SSH user keys for personal use.
- add an SSH access key to a Bitbucket project or repository to allow other systems, such as build servers like Atlassian's Bamboo, to authenticate for either read-only (pull, clone) or read-write (push, merge) operations, without the need to store user credentials. Read more at SSH access keys for system use.
Before you can use SSH keys to secure a connection with Bitbucket the following must have already been done:
- your Bitbucket administrator must have already enabled SSH access in Bitbucket.
- your Bitbucket administrator has allowed the SSH key type and length you wish to use. Learn more about how your admin can manage settings for SSH keys
- you need an SSH key! See Creating SSH keys. Alternatively, you can use an existing key, if it isn't already being used as a repository or project access key in Bitbucket.
- You can use the same SSH system access key for multiple repositories or projects.
- A Bitbucket user can add any number of keys to their account.
- Keys used for personal user accounts can't be re-used as a project or repository access key, and keys used as a project or repository access key can't be re-used for user accounts.
- Bitbucket supports DSA, ECDSA, RSA2, and Ed25519 key types – RSA1 is not supported.