Configure SSH and two-step verification

If you don't have SSH configured, then you've been using the secure hypertext transfer protocol (HTTPS) to communicate between your local system and Bitbucket Cloud. Set up SSH to reduce the risk of exposing your username and password.

This table compares HTTPS and SSH to give you a better idea of the difference between the two.

The URL you use to access a repository depends on the connection protocol (HTTPS or SSH) and the distributed version control system. You can find your repository-specific URLs from the repository Source page. The following table shows these URL formats:

Bitbucket supports four encryption algorithms for user keys: Ed25519, ECDSA, RSA, and DSA. Create keys using the encryption method that is available to you.

You may want to record Bitbucket's public host key before connecting to it for the first time. Depending on the security protocols in your network, the system administrator may maintain a centrally located list of approved known hosts. The public key fingerprints for the Bitbucket server are:

SHA256 format

md5 format

To get the format suitable for storage in the known hosts, you can use the following ssh-keyscan command:

$ ssh-keyscan -t rsa bitbucket.org
# bitbucket.org SSH-2.0-OpenSSH_5.3
bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw==