Creating SSH keys
This page describes how to create SSH keys.
SSH keys can be used to establish a secure connection with Bitbucket Data Center and Server for:
- when you are performing Git operations from your local machine
- when another system or process needs access to repositories in Bitbucket (for example your build server)
The SSH key needs to be added to Bitbucket, and your Bitbucket administrator must have enabled SSH access to Git repositories before you can make use of the key.
- ED25519
- RSA2 (we recommend you use a key size of at least 2048 bits)
- ECDSA
- DSA (we recommend you use other key types)
You can use an existing SSH key with Bitbucket if you want, in which case you can go straight to either SSH user keys for personal use or SSH access keys for system use.
このページの内容
Creating an SSH key on Windows
1. Check for existing SSH keys
You should check for existing SSH keys on your local computer. You can use an existing SSH key with Bitbucket if you want, in which case you can go straight to either SSH user keys for personal use or SSH access keys for system use.
Open a command prompt, and run:
cd %userprofile%/.sshIf you see "No such file or directory", then there aren't any existing keys: go to step 3.
Check to see if you have a key already:
dir id_*If there are existing keys, you may want to use those: go to either SSH user keys for personal use or SSH access keys for system use.
2. Back up old SSH keys
If you have existing SSH keys, but you don't want to use them when connecting to Bitbucket, you should back those up.
In a command prompt on your local computer, run:
mkdir key_backup
copy id_ed25519* key_backup3. Generate a new SSH key
If you don't have an existing SSH key that you wish to use, generate one as follows:
- Log in to your local computer as an administrator.
In a command prompt, run:
ssh-keygen -t ed25519 -C "your_email@example.com"Note: If you're using a legacy system that doesn't support the ED25519 algorithm, run:
ssh-keygen -t rsa -b 4096 -C "your_email@example.com"Associating the key with your email address helps you to identify the key later on.
Note that the
ssh-keygencommand is only available if you have already installed Git (with Git Bash).
You'll see a response similar to this:C:\Users\fperez>ssh-keygen -t ed25519 -C "your_email@example.com" Generating public/private ed25519 key pair. Enter file in which to save the key (/c/Users/fperez/.ssh/id_ed25519):- Just press <Enter> to accept the default location and file name. If the
.sshdirectory doesn't exist, the system creates one for you. Enter, and re-enter, a passphrase when prompted. The whole interaction will look similar to this:
C:\Users\fperez>ssh-keygen -t ed25519 -C "your_email@example.com" Generating public/private ed25519 key pair. Enter file in which to save the key (/c/Users/fperez/.ssh/id_ed25519): Created directory '/c/Users/fperez/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in c/Users/fperez/.ssh/id_ed25519. Your public key has been saved in c/Users/fperez/.ssh/id_ed25519.pub. The key fingerprint is: SHA256:wvaHYeLtY6+DlvV5sFZgDi3abcdefghijklmnopqrstuvw your_email@example.comYou're done and you can now go to either SSH user keys for personal use or SSH access keys for system use.
Creating an SSH key on Linux & macOS
1. Check for existing SSH keys
You should check for existing SSH keys on your local computer. You can use an existing SSH key with Bitbucket if you want, in which case you can go straight to either SSH user keys for personal use or SSH access keys for system use.
Open a terminal and run the following:
cd ~/.ssh- If you see "No such file or directory, then there aren't any existing keys: go to step 3.
Check to see if you have a key already:
ls id_*- If there are existing keys, you may want to use them; go to either SSH user keys for personal use or SSH access keys for system use.
2. Back up old SSH keys
If you have existing SSH keys, but you don't want to use them when connecting to Bitbucket, you should back those up.
Do this in a terminal on your local computer, by running:
mkdir key_backup
cp id_ed25519* key_backup
3. Generate a new key
If you don't have an existing SSH key that you wish to use, generate one as follows:
Open a terminal on your local computer and enter the following:
ssh-keygen -t ed25519 -C "your_email@example.com"Note: If you're using a legacy system that doesn't support the ED25519 algorithm, use:
ssh-keygen -t rsa -b 4096 -C "your_email@example.com"Associating the key with your email address helps you to identify the key later on.
You'll see a response similar to this:
fperez@homemac ~ % ssh-keygen -t ed25519 -C fperez@email.com Generating public/private ed25519 key pair. Enter file in which to save the key (/Users/fperez/.ssh/id_ed25519):- Just press <Enter> to accept the default location and file name. If the
.sshdirectory doesn't exist, the system creates one for you. Enter, and re-enter, a passphrase when prompted.
The whole interaction will look similar to this:fperez@homemac ~ % ssh-keygen -t ed25519 -C fperez@email.com Generating public/private ed25519 key pair. Enter file in which to save the key (/Users/fperez/.ssh/id_ed25519): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /Users/fperez/.ssh/id_ed25519. Your public key has been saved in /Users/fperez/.ssh/id_ed25519.pub. The key fingerprint is: SHA256:gTVWKbn41z6JgBNu3wYjLC4abcdefghijklmnopqrstuvwxy fperez@email.com The key's randomart image is: +--[ED25519 256]--+ |==+. +o.. | |.oE. +o.. | | . ...o | | .o... | | oo+S . | | + ..B = . . | |.+.+.oo+ * o . | |o++.o+ . + + | |B+ o. . . | +----[SHA256]-----+ fperez@homemac ~ %- You're done and you can now go to either SSH user keys for personal use or SSH access keys for system use.