npm install private Gitlab Repo Permission Denied (publickey) in Powershell
Solution 1
I had the same problem. This is how I solved it / my workaround:
- Make sure that you can authenticate against GitHub:
ssh -T [email protected]
- Make sure
OpenSSH Authentication Service
is not disabled (set it to manual start) - not sure if this step is necessary - Now the most important step: remove the password protection from your
id_rsa
key.npm install
can't handle password protected ssh keys.
I would recommend adding a read only SSH key directly to the repository you like to install. This makes having a SSH key without password protection a little bit less dangerous.
Add a config
file into ~/.ssh/
in which you define your keys:
IdentityFile ~/.ssh/id_rsa
IdentityFile ~/.ssh/repository_ssh_key
Solution 2
I ran into this problem and was not able to fix as all the solutions lacked one important step, so I am posting my answer in very detail.
Assuming you have already generated ssh-key and added its public key to your github account.
npm install
on Windows-10 causes a lot of problems because there are ssh-agent
s running from 2 different sources:
- Windows provided ssh-agent (OpenSSH). This feature was added in one of the Windows-10 updates and is the culprit. :)
- Git ssh-agent (this one is required for your scenario)(assuming git is installed.)
Detect source of running ssh-agent
-
Run
start-ssh-agent
(to run git provided ssh-agent) andssh-agent
(to run Windows provided ssh-agent) in cmd. -
Go to task manager and click on details tab.
-
Look for ssh-agent.exe.
After following above steps, you can see 2 ssh-agent.exe running. In the 'User name' column you can see one for SYSTEM (this is provided by Windows) and one for your-user-name (this is git). Now, please close all ssh-agents you ran for npm install.
Cause of issue:
ssh-agent that npm install
is trying to use is from the git but it is being conflicted with the windows provided ssh-agent.
Git ssh-agent can be started using start-ssh-agent
but when you try to add ssh-key to your ssh-agent using command ssh-add -k ~/.ssh/id_rsa
, it is trying to access ssh-add.exe from Windows path but not picking ssh-add.exe from git.
Solution:
Solution is to add ssh path of git to the Environment variables of your system and adding it before the "%SYSTEMROOT%\System32\OpenSSH" so it has higher priority.
This is only required so that you can access ssh-add.exe of git and after successful npm build you can freely remove it(even if you want to clone more repos and build them). Unless you want to add more keys for different repos.
Note: This path is different from the already present git/cmd path added during git installation so please make sure it is added before openSSh path variable for higher priority.
Please follow below steps to resolve your issue:
- Start your git ssh-agent by running
start-ssh-agent
in cmd. Don't usessh-agent
as it starts the Windows provided ssh-agent. - Open Task Manager and go to Details tab.
- Look for ssh-agent.exe.
- Right click on ssh-agent.exe(on the one provided by git) and click open file location.
- Copy the path and add it to Environment variables for system.(Ignore if already present).
- Close cmd and also close the running ssh-agent.exe from task manager. Note: Closing cmd is required for Env. variables to take effect.
- Open cmd in your repo and run
where ssh-agent
andwhere ssh-add
to test which ssh path will be preferred. (Hope you see 2 paths now and OpenSSH should not be appearing before Git/bin/usr path :) ) - Now, you are done. Run
start-ssh-agent
.(Runs git ssh-agent) - Add your preferred ssh key to you ssh-agent by
ssh-add -k ~/.ssh/id_rsa
.(choose private key). (Adds keys to git ssh-agent, not Windows ssh-agent) - Once successfully added, run
npm install
.
I hope it works, and if you are not comfortable, after successful npm build you can even remove the newly added path from env. variables as it was required only once(to access ssh-add from git), and start-ssh-agent
is not accessed from that path.
Solution 3
Permission denied (publickey).
This means that your current public key cannot be authenticated by the remote server.
Check access via SSH
Run:
ssh -T [email protected]
to see whether you're authenticated with gitlab.com
correctly. Otherwise, make sure you've added your publickey
to your GitLab account.
Use git+ssh://
Use git+ssh://
, instead of git://
, for example:
npm i -S git+ssh://[email protected]/my-project/repo.git
See: Install npm
module from GitLab private repository.
Provide different identity via SSH
To list your current identities, run:
ssh-add
ssh-add -L
To add different identity, run: ssh-add ~/.ssh/MyOtherKey.pem
Check npm
Also, make sure that you are not using any proxy
for your npm
. Check the config by npm config list
.
Use npm
Enterprise
You can use npm Enterprise to connect to your existing authentication system, such as OAuth2 (for GitLab), GitHub Enterprise and other. You can also check for existing auth-plugin (for GitLab, see: npme-auth-gitlab
), or write one for custom authentication.
Use personal token
As for workaround, you can create your personal or OAuth2 access token (GitLab/OAuth2; GitHub/OAuth) and use it along with your private repository URL. OAuth token will allow you to access repo via API, and personal token directly via URL, e.g.
- GitHub:
https://[email protected]/my-project/repo
- GitLab:
https://gitlab.com/my-project/repo?private_token=<PERSONAL_ACCESS_TOKEN>
Related videos on Youtube
Philipp
Updated on September 18, 2022Comments
-
Philipp over 1 year
I try to install a private gitlab repository via npm to another node project. The command is
npm install --save gitlab:my-project#master
This fails withnpm ERR! Permission denied (publickey). npm ERR! fatal: Could not read from remote repository. npm ERR! npm ERR! Please make sure you have the correct access rights npm ERR! and the repository exists.
I have the following set up: Windows 10, git and Powershell.
Using git commands directly in Powershell is working fine, e.g.
git pull
asks for the password of my private key and it works. All the other git stuff is working fine except for thenpm install
command, which seems to use git internally.If I use the git bash, that is installed with git on Windows, I can run the npm command and install the private repository. It only fails within Powershell.
Nevertheless one could say: use git bash, but I'm somehow used to the PowerShell. :)
-
sean christe about 6 yearsI suspect you need new keys
-
Philipp about 6 yearsI'm not sure about this: the keys are working if I use
git
commands directly in Powershell. And in the git bash (which is installed during the git installation on Windows) even thenpm
stuff works. I rather think that the process executed bynpm
is not allowed to read the private key / doesn't even know there is any. -
Xeos about 3 yearsI've filed a bug report with NPM on this issue github.com/npm/cli/issues/2891
-
-
Philipp about 6 yearsNo proxy configured in npm. I can't run
ssh-add
norssh
in powershell. Both are not recognized (probably missing in WindowsPATH
). If I want to execute thessh-add.exe
, which is installed in/git/usr/bin
I first have to start the ssh agent (on Linux I'm usingeval $(ssh-agent -s)
for this). Nevertheless: even if I start and add the identity to the ssh agent (I'll try later; don't want to break something now). Why does it work if I use the git command in Powershell?! -
kenorb about 6 yearsGit could have some configuration in
.gitconfig
, fornpm
you need to specify the identity separately. -
kenorb about 6 years@Philipp I'd recommend you to clone private repository with your personal token, I've added another section. I haven't tested it, so not sure if URL is correct, please let me know.
-
kenorb about 6 years@Philipp Try also using
git+ssh://
instead ofgit://
.