In this blog post we are going to learn how to use SSH for Bitbucket on Windows.
I am using Windows 10 and Cmder.
How to establish the authenticity of the host?
Lets try to clone a repository using SSH.
git clone firstname.lastname@example.org:narkhedegs/ssh-for-bitbucket-on-windows.git
Git is asking us to establish the authenticity of bitbucket.org and we have been presented with the RSA key fingerprint for bitbucket.org. If we answer 'yes' to the question 'Are you sure you want to continue connecting (yes/no)?' git is just going to add an entry for bitbucket.org into known_hosts file. The known_hosts file is located at %USERPROFILE%\.ssh on windows. However before we add bitbucket.org (or any other host) to known_hosts we should verify the RSA key fingerprint for the host.
How to verify RSA key fingerprint for a host?
It is a good practice for administrators to provide the RSA key fingerprint for the host however not everyone provides it. Fortunately bitbucket does provide the RSA key fingerprint. You can find it at Bitbucket - Troubleshoot SSH issues. The RSA key fingerprint for Bitbucket.org is SHA256:zzXQOXSRBEiUtuE8AikJYKwbHaxvSc0ojez9YXaGp1A. This is same as the one presented to us. So we can answer 'yes' to the question and bitbucket.org will be added to known_hosts. Next time we try to SSH into bitbucket.org we won't be asked the question about the authenticity of the host.
In case the administrator didn't provide the RSA key fingerprint we can generate it ourself. Lets generate it for bitbucket.org.
ssh-keyscan bitbucket.org | ssh-keygen -l -f /dev/stdin
Set up SSH key for bitbucket
After we answer 'yes' to the authenticity of the host question we receive access rights error as shown in the screenshot.
In order to resolve this issue we need to set up SSH key for bitbucket. You can follow the steps provided here to set up SSH key for bitbucket. Once the SSH key is set up for bitbucket we should be able to clone (or other git operations) our repository over SSH.
- Get SSH server key fingerprint Stackexchange post about generating RSA key fingerprint for a host