Include ssh.bitbucket.org host keys in Bitbucket Pipelines default known_hosts

XMLWordPrintable

    • 1

      Issue Summary

      Bitbucket Cloud is transitioning SSH access from bitbucket.org to ssh.bitbucket.org (as announced Upcoming change to Bitbucket Cloud SSH access: move from bitbucket.org to ssh.bitbucket.org). However, the default known_hosts file provided by Bitbucket Pipelines (both Cloud and Self-hosted runners) currently only contains fingerprints for bitbucket.org and github.com.

      When users attempt to use the new ssh.bitbucket.org endpoint within a pipeline, the connection fails with a "Host key verification failed" error unless they manually intervene.

      Steps to Reproduce

      1. Use the following command in the Pipeline  
        ssh -T git@ssh.bitbucket.org
      1. Run the Pipeline

      Expected Results

      Pipeline build should complete with success

      Update the Bitbucket Pipelines runner environment to include the public host keys for ssh.bitbucket.org in the global /root/.ssh/known_hosts (or equivalent) file by default.

      Actual Results

      Pipeline build fail with following error

      Host key verification failed.

      Pipeline build default known_hosts file provided by Bitbucket Pipelines (both Cloud and Self-hosted runners) currently only contains fingerprints for bitbucket.org and github.com.

      Workaround

      Users currently have to add the following to their pipeline scripts:

      curl -s https://bitbucket.org/site/ssh | sed 's/bitbucket.org/ssh.bitbucket.org/' >> ~/.ssh/known_hosts

              Assignee:
              Unassigned
              Reporter:
              Sandeep K
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated: