SSH keys for Bamboo plans
Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.
Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
Summary
This informative article provides more information on repository SSH keys for Bamboo Plans, where they are stored, and how to manage them.
Solution
You might use SSH keys to connect to the repository. The private key is stored - encrypted - inside the Bamboo database, at the XML_DEFINITION_DATA column of the VCS_LOCATION table. Bamboo only decrypts it when it needs to run git operations. The plain text version of the key is not persisted anywhere.
Managing SSH keys
User interface
If you're creating plans and repositories through theUser Interface directly, you can justre-save therepository configurationto generate a new SSH keypair. This can be done under Cog icon > Linked repositories > select a repository > Save for global repositories, or at the build plan configuration > Repositories > select a repository > Save.
Repository-stored specs
If you're creating plans and repositories through repository-stored specs, the SSH keys are managed and defined by the user creating the Specs. Please see the following Bamboo Specs documentation:
If that's your use-case scenario, you can use the steps from Bamboo Specs encryption to encrypt the SSH keys. It's also possible to use the encryption feature through theREST API.
Was this helpful?