How to obtain the SSH fingerprint from Bitbucket Server without connecting to it first

Related content

  • No related content found

Still need help?

The Atlassian Community is here for you.

Ask the community


Platform notice: Server and Data Center only. This article only applies to Atlassian products on the server and data center platforms.

    

Summary

For security reasons it may be desirable to obtain the SSH fingerprint that Bitbucket Server or Data Center's SSH server will send without connecting via SSH first. This document explains how to retrieve the fingerprint using an alternative method.

Environment

Bitbucket Server or Data Center

Solution

To retrieve the SSH fingerprint, perform the following steps on the machine where Bitbucket Server is installed. In case of a Bitbucket Data Center instance you can perform these steps on any one of the nodes.

  1. Copy the SSH key pair to a temporary location 
    cp <BitbucketHome>/shared/config/ssh-server-keys.pem /tmp

    where <BitbucketHome>  is the Bitbucket Server home directory.

  2. Change the permissions on the temporary file so only the owner can access it 
    chown 600 /tmp/ssh-server-keys.pem
  3. Run the ssh-keygen  utility to extract the SSH fingerprint from the key pair file 
    ssh-keygen -lf /tmp/ssh-server-keys.pem
    This will produce output similar to this: 
    2048 SHA256:U+NO3sOxbAvVCtF1NCN/ZL2+rWJ9bddDQSoGom1TsI8 no comment (RSA)

    In this example output the fingerprint is U+NO3sOxbAvVCtF1NCN/ZL2+rWJ9bddDQSoGom1TsI8 


Last modified on Aug 8, 2022

Was this helpful?

Yes
No
Provide feedback about this article

Related content

  • No related content found
Powered by Confluence and Scroll Viewport.