Using SSH keys to secure Git operations
Bitbucket Server provides a simple way for user accounts and other systems to connect securely to Bitbucket Server repositories, using SSH keys, in order to perform Git operations. You can:
- add a personal key to a Bitbucket Server user account to allow a developer to easily authenticate when performing read operations from his or her local machine. A Bitbucket Server user can add any number of keys to their account. Read more at SSH user keys for personal use.
- add an access key to a Bitbucket Server project or repository to allow other systems, such as build servers like Atlassian's Bamboo, to authenticate for either read-only (pull, clone) or read-write (push, merge) operations, without the need to store user credentials. Read more at SSH access keys for system use.
Before you can use SSH keys to secure a connection with Bitbucket Server the following must have already been done:
- your Bitbucket Server administrator must have already enabled SSH access in Bitbucket Server.
- you need an SSH key! See Creating SSH keys. Alternatively, you can use an existing key, if it isn't already being used as a repository or project access key in Bitbucket Server.
- You can use the same SSH system access key for multiple repositories or projects.
- A Bitbucket Server user can add any number of keys to their account.
- Keys used for personal user accounts can't be re-used as a project or repository access key, and keys used as a project or repository access key can't be re-used for user accounts.
- Bitbucket Server supports DSA and RSA2 key types – RSA1 is not supported.