This document walks you through the steps to follow to set up a source repo connector using ECDSA encryption in Harness.
-
We will start this by Generate a fresh key with PEM format as mentioned in our documentation (Add a Bitbucket Repo - Harness.io Docs)
ssh-keygen -t rsa -m PEM -
This will generate a new key encrypted with SHA-1. You can also opt to generate a key using ECDSA encryption which will work as well. The command will change as below. ECDSA has better encryption when compared to SHA-1
ssh-keygen -t ecdsa -m PEM -
Once the commands are run, 2 Keys have been generated the Public and the Private one. These are not in the PEM format, so we will be running the below command to save them as such.
cat ~/.ssh/id_ecdsa > id_ecdsa.pem -
Next we will need to the copy content of the id_ecdsa.pub key to the Bitbucket account in the SSH keys section.
-
Once the SSH key is set on the Bitbucket end, we will need to upload the “id_ecdsa.pem” as an encrypted file in the Harness end.
-
After the encrypted file has been placed we will need to create the SSH secret in Harness for the user “git”
-
Once all the pieces are in place we can setup a new Bitbucket SCM connector and use the mentioned secret above in the SSH key and Test it, which should work as below:
These are the steps we need to follow in order to generate an ECDSA key and to make use of the same to add an SCM connector to Harness.