Is there a way to specify which ssh key should be used for npm install

Question

I have a private repo that I want to install in my package.json file.

"private-module": "git+ssh://git@bitbucket.org:private/private-module.git"

By default npm uses your default private key. I want to be able to specify which ssh key npm should use when running npm install. Is there any way to do this?

Answer 1

You can apparently do this with

export GIT_SSH_COMMAND='ssh -i ~/.ssh/your_private_key'

Answer 2

Otherwise, you can use your NPM Token in your .npmrc file:

// .npmrc
//registry.npmjs.org/:_authToken=${YOUR_NPM_TOKEN}

Source: https://blog.npmjs.org/post/118393368555/deploying-with-npm-private-modules

Answer 3

After you have made the changes in the first part of mscdex's answer you might need to add the host to the list of known hosts - before the npm install command will work.

You can do this by cloning the private repo to another directory:

git clone ssh://git@bitbucket.org:private/private-module.git

You might be asked if you want to proceed, type yes and enter, then bitbucket.org is trusted. Go back to your project directory and retry npm install. This is what was needed for mscdex's answer to work for me.

There are other ways of adding trusted hosts, but this does that in addition to verify that you can actually get to the desired private repo.

Answer 4

Here are a few solutions:

• Add an entry to your ~/.ssh/config. For example:

  Host bitbucket.org
       IdentityFile ~/.ssh/bitbucket_key
       IdentitiesOnly yes
  

• Use ssh-agent and add your key to the agent instance beforehand.

• Use something like ssh-ident for choosing ssh agents and identities dynamically based on the current working directory or arguments passed to ssh-ident. As their readme states, you would typically alias ssh-ident to ssh so that it's automatically used everywhere.