Adding an SSH Access Key to a Specific Repository Grants SSH Access to All Public Repositories

XMLWordPrintable

    • Type: Bug
    • Resolution: Unresolved
    • Priority: Low
    • None
    • Affects Version/s: 9.4.5, 9.6.1
    • Component/s: Access Keys, SSH
    • None
    • 1
    • Severity 3 - Minor
    • 1

      Issue Summary

      • Adding an SSH access key to a specific repository unexpectedly grants SSH access to all public repositories.

      Steps to Reproduce

      • Create Public repo.
      • Create a Private repo.
      • Attempt to clone the public repository via SSH – the operation should fail.
      • Generate an SSH Access key and add it to the private repository.
      • Attempt to clone the public repository again – this time, it succeeds.

      Expected Results

      • Bitbucket should enforce SSH access key boundaries, preventing SSH cloning of public repositories unless the key is explicitly added to the repository or user profile.

      Actual Results

      • Addition of access key to seperate repository enables access to all Public repository over ssh.

      Workaround

            Assignee:
            Unassigned
            Reporter:
            Karthik Mahesh
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated: