Step 1. Read a quick overview of SSH concepts
To use SSH with Bitbucket, you create an SSH identity. An identity consists of a private key and a public key, which together form a key pair. The private key resides on your local computer, and you upload the public key to your Bitbucket account. Once you upload a public key to your account, you can use SSH to connect with repositories you own and repositories owned by others, provided those other owners give your account permissions. By setting up SSH between your local system and the Bitbucket server, your system uses the key pair to automate authentication; you won't need to enter your password each time you interact with your Bitbucket repository.
There are a few important concepts you need when working with SSH identities and Bitbucket:
- You cannot reuse an identity's public key across accounts. If you have multiple Bitbucket accounts, you must create multiple identities and upload their corresponding public keys to each individual account.
- You can associate multiple identities with a Bitbucket account. You would create multiple identities for the same account if, for example, you access a repository from a work computer and a home computer. You might also create multiple identities if you wanted to execute DVCS actions on a repository with a script – the script would use a key with an empty passphrase, allowing it to run without human intervention.
RSA (R. Rivest, A. Shamir, L. Adleman are the originators) and digital signature algorithm (DSA) are key encryption algorithms. Bitbucket supports both types of algorithms. You should create identities using whichever encryption method is most comfortable and available to you.
Step 2. Check if you have an existing default identity
The Git Bash shell comes with an SSH client. Do the following to verify your installation:
- Double-click the Git Bash icon to start a terminal session.
- Enter the following command to verify the SSH client is available:

      manthony@MANTHONY-PC ~ $ ssh -v
      OpenSSH_4.6p1, OpenSSL 0.9.8e 23 Feb 2007
      usage: ssh [-1246AaCfgkMNnqsTtVvXxY] [-b bind_address] [-c cipher_spec]
                 [-D [bind_address:]port] [-e escape_char] [-F configfile]
                 [-i identity_file] [-L [bind_address:]port:host:hostport]
                 [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]
                 [-R [bind_address:]port:host:hostport] [-S ctl_path]
                 [-w local_tun[:remote_tun]] [user@]hostname [command]

  If you have ssh installed, go to the next step.
  If you don't have ssh installed, install it now with your package manager.
- List the contents of your ~/.ssh directory.
  If you have not used SSH on Bash you might see something like this:

      manthony@MANTHONY-PC ~ $ ls -a ~/.ssh
      ls: /c/Users/manthony/.ssh: No such file or directory

  If you have a default identity already, you'll see two id_* files:

      manthony@MANTHONY-PC ~ $ ls -a ~/.ssh
      . .. id_rsa id_rsa.pub known_hosts

  In this case, the default identity used RSA encryption (id_rsa.pub). If you want to use an existing default identity for your Bitbucket account, skip the next section and go to create a config file.

Step 3. Set up your default identity
By default, the system adds keys for all identities to the /Users/yourname/.ssh directory. The following procedure creates a default identity. More information can be found here:
- Open a terminal in your local system.
- Enter ssh-keygen at the command line.
  The command prompts you for a file to save the key in:

      manthony@PHOENIX ~ $ ssh-keygen
      Generating public/private rsa key pair.
      Enter file in which to save the key (/c/Documents and Settings/manthony/.ssh/id_rsa):

- Press enter to accept the default key and path, /c/Documents and Settings/manthony/.ssh/id_rsa, or you can create a key with another name.
  To create a key with a name other than the default, specify the full path to the key. For example, to create a key called my-new-ssh-key, you would enter a path like this at the prompt:

      manthony@PHOENIX ~ $ ssh-keygen
      Generating public/private rsa key pair.
      Enter file in which to save the key (/c/Documents and Settings/manthony/.ssh/id_rsa): /c/Documents and Settings/manthony/My Documents/keys/my-new-ssh-key

- Enter and re-enter a passphrase when prompted.
  Unless you need a key for a process such as a script, you should always provide a passphrase.
  The command creates your default identity with its public and private keys. The whole interaction looks similar to the following:

      manthony@MANTHONY-PC ~ $ ssh-keygen
      Generating public/private rsa key pair.
      Enter file in which to save the key (/c/Users/manthony/.ssh/id_rsa):
      Created directory '/c/Users/manthony/.ssh'.
      Enter passphrase (empty for no passphrase):
      Enter same passphrase again:
      Your identification has been saved in /c/Users/manthony/.ssh/id_rsa.
      Your public key has been saved in /c/Users/manthony/.ssh/id_rsa.pub.
      The key fingerprint is:
      e7:94:d1:a3:02:ee:38:6e:a4:5e:26:a3:a9:f4:95:d4 manthony@MANTHONY-PC
      manthony@MANTHONY-PC ~ $

- List the contents of ~/.ssh to view the key files.
  You should see something like the following:

      $ ls ~/.ssh
      id_rsa id_rsa.pub
The command created two files, one for the public key (for example, id_rsa.pub) and one for the private key (for example, id_rsa).

https://confluence.atlassian.com/display/BITBUCKET/Set+up+SSH+for+Git
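
To review the outcome of Steps 2 and 3 for every identity in a directory, the following added example (not part of the original page) lists each key pair and reports whether the private key file is closed to other users and whether it carries a passphrase. The function names and the report format are assumptions made for this example.

```shell
#!/bin/sh
# Added example: audit the identities in an SSH directory.
# Function names and the one-line report format are illustrative.

# Succeeds when group and other have no access to FILE.
# Characters 5-10 of the ls -l mode string are the group/other bits.
perms_ok() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Succeeds when the private key FILE is passphrase-protected.
# ssh-keygen -y re-derives the public key from the private key; given
# -P '' it can only do that when the key is stored unencrypted.
has_passphrase() {
    ! ssh-keygen -y -P '' -f "$1" </dev/null >/dev/null 2>&1
}

# Print one line per key pair in DIR (default ~/.ssh).
audit_ssh_dir() {
    dir=${1:-$HOME/.ssh}
    [ -d "$dir" ] || { echo "no such directory: $dir"; return 1; }
    for pub in "$dir"/*.pub; do
        [ -f "$pub" ] || continue       # the glob matched nothing
        key=${pub%.pub}                 # id_rsa.pub -> id_rsa
        name=${key##*/}
        if [ ! -f "$key" ]; then
            echo "$name private-key=missing"
        elif ! perms_ok "$key"; then
            # ssh-keygen refuses to load a private key that other users
            # can read, so the passphrase test would prove nothing here.
            echo "$name perms=open passphrase=unknown"
        elif has_passphrase "$key"; then
            echo "$name perms=ok passphrase=yes"
        else
            echo "$name perms=ok passphrase=no"
        fi
    done
}
```

After sourcing the file, run `audit_ssh_dir` with no argument to check ~/.ssh. A line ending in passphrase=no should correspond to a key you deliberately created for a script.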