Connection blocked because the server only allows public key authentication with SSH in Bitbucket Cloud

Platform Notice: Cloud Only - This article only applies to Atlassian products on the cloud platform.

Summary

Unable to authenticate with SSH in Bitbucket Cloud and getting the error below:

1 2 Connection blocked because server only allows public key authentication. Please contact your network administrator. fatal: Could not read from remote repository.

Cause

  • The error usually happens if your server is behind the firewall and does not allow incoming traffic from the Bitbucket Cloud IPs.

  • You can check if Bitbucket Cloud is reachable from your server by running the following commands:

    1 2 3 telnet bitbucket.org 22 ssh -Tvvv git@bitbucket.org traceroute bitbucket.org (Linux) / tracert bitbucket.org (Windows)

Solution

  • Ensure the SSH key has been set up and added to your personal settings.

  • If your server is behind the firewall, ensure that default port 22 for SSH is opened.

  • Confirm if the server has any specific rules set for the outgoing traffic for port 22. If they allow only specific traffic, ensure that Bitbucket Cloud IPs are whitelisted for inbound traffic to Bitbucket.

  • If the issue persists, check with your system administrator to confirm if they have any network policy blocking the connection to Bitbucket Cloud.

Updated on April 8, 2025
Platform
Cloud only
Product
Bitbucket Cloud
On this pageSummaryCauseSolution

Still need help?

The Atlassian Community is here for you.
Ask the Community