Uploaded image for project: 'Bitbucket Cloud'
  1. Bitbucket Cloud
  2. BCLOUD-3361

Try more than the default # of keys (6) for method publickey.

    XMLWordPrintable

Details

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

    Description

      The use case is pretty simple: pushing code to a bitbucket repo on a remote system without exposing an encrypted private key, stored locally (usually a laptop), loaded via ssh agent. Well aware of another ssh agent issue, this has been tested and is not related.

      This works with bitbucket with a small number of keys, but it is inadequate for enterprise environments where there are likely more than 6 keys.

      * This can be increased by a simple packaged rebuild of ssh bumping AUTH_FAIL_MAX to a reasonable number (i.e., 12). There is a theoretical reduction of complexity for attacking SSH, but it's assumed there are standard measures in place to detect and block malicious bots hammering the service (meta: practicality vs. unusable security tradeoff).

      Also required:
      /etc/ssh/sshd_config: \\\
      MaxAuthTries 12 # with modified AUTH_FAIL_MAX

      Attachments

        Activity

          People

            Unassigned Unassigned
            legacy-bitbucket-user Legacy Bitbucket Cloud User (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: