When using npm behind corporate proxy we have need to have following configurations in .npmrc file in user home directory.
proxy = http://<username>:<pass>#<proxy_host>:<proxy_port>/
registry = http://registry.npmjs.org/
https-proxy = http://<username>:<pass>#<proxy_host>:<proxy_port>/
While this works fine, there is a need to hardcode password in the .npmrc file. Also corporate password change policy mandates to change password after a certain period of time.
Is there a way/configuration to prompt user for password instead of having it in .npmrc file. May be like the way it works for git clone where it asks for password while cloning if repository is password protected.
You can install the sync-prompt module:
npm install sync-prompt
and modify the npm-registry-client/index.js slightly.
See this article for details and code that you need to add:
https://mikesharp.wordpress.com/2014/04/16/getting-npm-to-prompt-for-username-and-password-pochack/
Related
I'm setting up my dev environment on my new machine (m2 Mac) and have setup the ~/.gitconfig ~/.gitconfig-work and ~/.ssh/config to separate my ssh keys for personal and professional use.
~/.gitconfig
[user]
name = personal-username
email = personal-email#gmail.com
IdentityFile = ~/.ssh/id_rsa
[includeIf "gitdir:~/Documents/work/"]
path = ~/.gitconfig-work
[init]
defaultBranch = main
~/.gitconfig-work
[user]
name = work-username
email = work-email#work.com
IdentityFile = ~/.ssh/id_rsa_work
~/.ssh/config
Host github.com-personal
HostName github.com
User git
IdentityFile ~/.ssh/id_rsa
IdentitiesOnly yes
# Work
Host github-work
HostName github.com
User git
IdentityFile ~/.ssh/id_rsa_work
IdentitiesOnly yes
I add the keys to the ssh agent and cloning works fine provided I update the remote url to have the correct host field e.g git clone git#github-work:work/work-repo.git
Now the company that I work for have some npm packages that are the base of majority of our projects, simply running npm install would always work on my previous mac, but now when running npm install I get the following error
npm install
npm ERR! code 128
npm ERR! An unknown git error occurred
npm ERR! command git --no-replace-objects ls-remote ssh://git#github.com/work/work-private-repo.git
npm ERR! ERROR: Repository not found.
npm ERR! fatal: Could not read from remote repository.
npm ERR!
npm ERR! Please make sure you have the correct access rights
npm ERR! and the repository exists.
npm ERR! A complete log of this run can be found in:
Im using node v16.16.0 & npm v8.11.0, have tried with node 14 & 12 and neither worked.
Im trying to figure out the difference between the dev setup from both machines but haven't found any differences.
From the error the issue is when trying to call
git --no-replace-objects ls-remote ssh://git#github.com/work/work-private-repo.git
When I update the remote call to
git --no-replace-objects ls-remote ssh://git#github-work/work/work-private-repo.git
to match my work profile and keys, it will return a valid response.
The package.json entry for the repo which can't be found is
"work-private-repo": "git+https://github.com/work/work-private-repo.git",
TL;DR
I believe you want to configure insteadOf URL tricks. In particular, you'll want:
git config --file ~/.gitconfig-work url.https://github-work/.insteadOf https://github.com/
for instance. (Double check all this, it's easy to get these wrong and I might have something backwards. Also, feel free to edit the files directly rather than using git config.) Drop the user.IdentityFile: it's not harmful but it will confuse people.
Long
Putting:
[user]
IdentityFile = ~/.ssh/id_rsa_work
into a .gitconfig file will do absolutely nothing: no errors, no change in behavior of Git, no change in behavior of ssh. That's because Git allows you to set arbitrary unused variable names to arbitrary values, without complaint, and then it does nothing with those variables. user.IdentityFile is not used in Git.
The place you need to specify an IdentityFile (and preferably also set IdentitiesOnly yes) is in the .ssh/config file, so this part is completely correct:
Host github.com-personal
HostName github.com
User git
IdentityFile ~/.ssh/id_rsa
IdentitiesOnly yes
# Work
Host github-work
HostName github.com
User git
IdentityFile ~/.ssh/id_rsa_work
IdentitiesOnly yes
What you need next is on the Git side: you need to make a URL that contains github.com refer to github-work, from the second section here, or github.com-personal, from the first. (But the first is close enough to the defaults that it probably already works anyway: if you ask ssh to connect to github.com, there's no Host line, so you connect to github.com and use the default identities—including id_rsa.)
This is where the insteadOf settings come in. According to the git config documentation:
url.<base>.insteadOf
Any URL that starts with this value will be rewritten to start, instead, with <base>. In cases where some site serves a large number of repositories, and serves them with multiple access methods, and some users need to use different access methods, this feature allows people to specify any of the equivalent URLs and have Git automatically rewrite the URL to the best alternative for the particular user, even for a never-before-seen repository on the site. When more than one insteadOf strings match a given URL, the longest match is used.
By putting these URL rewrites into the per-work and per-home settings, you can automatically replace a standard style, HTTPS-oriented URL into one of your personalized-style ssh URLs, and choose the personalized URL based on the location of the clone in your file system.
Since it's all prefix matching, you may want an entry for ssh://github.com/ as well: as it is you're only telling Git to switch to ssh when using https://github.com/. This way you'll personalize ssh URLs as well as HTTPS ones.
See also How do I get git to default to ssh and not https for new repositories.
Hello everyone I´ve been trying to configure and use npm on my enterprise PC without success.
I´ve set proxy, https-proxy, strict-ssl false, registry http://registry.npmjs.org
proxy has been set like this "http://user:password#proxy_ip:proxy:port"
Where the password has a special character written in urlencode.
npm config get proxy
returns proxy with credentials as they should be.
I have cleared my npm cache and tried again.
No success.
Any ideas what can be the problem?
I recommend reading through this article to configure the proxy for npm.
http://wil.boayue.com/blog/2013/06/14/using-npm-behind-a-proxy/
npm config set proxy http://proxy.company.com:proxyport
npm config set http-proxy http://proxy.company.com:proxyport
npm config set https-proxy http://proxy.company.com:proxyport
Hope this is useful for you!
Usually, when you are behind a corporate proxy, it is needed to add the domain where you are at. Given that also the characters should be URL encoded, it would look like:
https://domain%5Cusername:password#proxy:port
We should add proxy with username and password to avoid this error.
For example:
username: admin
password: admin123
proxy: 172.10.3.21
port: 3128
npm config set proxy http://admin:admin123#172.10.3.21:3128
npm config set https-proxy http://admin:admin123#172.10.3.21:3128
Editing the .npmrc file in user folder worked for me.
I set the proxy and npm registry as follows:
proxy=http://username:password#proxy:port/
https-proxy=http://username:password#proxy:port
registry=http://registry.npmjs.org/
Note : for usenames and passwords containing special charcters, the characters need to be encoded in the proxy configuration.
e.g if username is "user" and password is "1234#user", then the .npmrc file will look like :
proxy=http://user:1234%40user#proxy:port/
https-proxy=http://user:1234#user#proxy:port
registry=http://registry.npmjs.org/
where, %40 is the encoded form of "#".
In my case, the pound symbol(#) was not getting accepted in username or password(Dont know why).
if you use windows and cntlm and you get a 407 error from cntlm proxy server, make sure that your PassNTLMv2 in the cntlm.ini is up-to-date, as you have to recreate it, everytime that you change domain password.
I had this error on my corporate machine and this command in Terminal fixed it:
proxyOn () {
export PROXY_CREDS=http://localhost:9000
export ALL_PROXY=${PROXY_CREDS}
export https_proxy=${PROXY_CREDS}
export http_proxy=${PROXY_CREDS}
export HTTP_PROXY=${PROXY_CREDS}
export HTTPS_PROXY=${PROXY_CREDS}
}
The character dot . , dont work on http request but . remplace it
Before
npm config set proxy http://name.surname:pwrd#host:port
After
npm config set proxy http://name.surname:pwrd#host:port
As others mention above you should set both the proxy and https-proxy configuration variables. as below:
https-proxy=http://userName:password#urlOfYourProxy:8080/
What no mentions is that the https-proxy variable should point to a proxy url that uses the http protocol NOT the https protocol (as shown above)!! Pretty darned counter intuitive.
I have a GitLab domain, project and repo. This project is accessible via a group I am apart of.
I would like for this to be downloaded via npm install in the following ways:
Local computer
GitLab CI job
Inside of a Docker container
I'm guessing the easiest way of doing this is to just make it public. Is there a way to fix this so it is secure. I can imagine that it must be done with keys.
In my package.json under dependencies I currently have this, but it gives a 401 error of course:
"my-module": "my-domain.com:my-project/my-repo#my-branch",
I do not want hardcoded tokens in the package.json file, if it can be avoided.
You can use SSH keys to access your repository. Add ssh keys to GitLab server and define url to your repsitory in following form:
git+ssh://git#git.mydomain.com:Username/Repository#{branch|tag}
or
git+ssh://git#git.mydomain.com/Username/Repository#{branch|tag}
In your package.json it will be something like this "my-module": "git+ssh://git#my-domain.com:my-project/my-repo#my-branch"
If your ssh key is password protected, then npm will ask for password.
I am trying to install bower
npm install -g bower
but am getting an authentication error from our proxy
...
npm http 407 http://registry.npmjs.org/bower
...
Error Code: 407 Proxy Authentication Required.
...
I am trying to get npm working behind a corprate proxy. I think our proxy is a little weird because the only way I was able to get maven downloading packages was to add wagon-http-lightweight.jar as a maven extension.
http://maven.apache.org/wagon/wagon-providers/wagon-http-lightweight/
I have tried all the regular things as described here:
Is there a way to make npm install (the command) to work behind proxy?
(I don't need to supply authentication details in my maven proxy settings).
npm config set registry http://registry.npmjs.org/
npm config set proxy http://myusername:mypassword#proxy.us.somecompany:8080
npm config set https-proxy http://myusername:mypassword#proxy.us.somecompany:8080
npm config set strict-ssl false
What else can I try?
Can try this....working for me.
Open IE (Chrome did not work for me).
Hit the URL http://registry.npmjs.org
it will download json output if successful.
Now go back to command prompt and try npm install.
I was able to get this working by installing a local proxy:
NPM behind NTLM proxy
Use fiddler http://www.telerik.com/fiddler
Install and run and that's it, everything will run as it is supposed to. I spent half a day cracking my head on this
Edit: I honestly have no idea if it was fiddler or something else I tried that fixed it (it is mostly the latter) but you should try setting registry, http-proxy, proxy and strict-ssl
When authentication is required for the HTTP proxy:
Fiddler can be configured to authenticate with the corporate HTTP proxy using NTLM or other protocols. Leave the existing auto authenticate options/rules defaults in place. Instead, go to this setting from the menu bar:
Tools > Telerik Fiddler Options > Connections tab
Click on the Allow remote computers to connect checkbox. You will see a dialog explaining the consequences of enabling this option. Restart Fiddler and update the .npmrc file as shown above. Whenever you need npm to access the registry site just run Fiddler. This setting won't affect the way Fiddler runs for other captures.
I have the same issue.
The root cause is my password contains a special character '#', when I npm set config proxy, the character become '#' in .npmrc file, so I change my password to remove the special character and it's working fine.
If your password does not contains special characters, just use syntax command below, it will work.
npm config set strict-ssl=false
npm config set proxy http://<username>:<password>#<proxy-server-url>:<port>
npm config set https-proxy http://<username>:<password>#<proxy-server-url>:<port>
Thanks,
Is it possible to run npm install behind an HTTP proxy, which uses NTLM authentication? If yes, how can I set the server's address and port, the username, and the password?
I solved it this way (OS: Windows XP SP3):
1. Download CNTLM installer and run it.
2. Find and fill in these fields in cntlm.ini. Do not fill in the Password field, it's never a good idea to store unencrypted passwords in text files.
Username YOUR_USERNAME
Domain YOUR_DOMAIN
Proxy YOUR_PROXY_IP:PORT
Listen 53128
3. Open console, and type these commands to generate password hashes.
> cd c:\the_install_directory_of_cntlm
> cntlm -H
Password: ...type proxy password here...
PassLM D6888AC8AE0EEE294D954420463215AE
PassNT 0E1FAED265D32EBBFB15F410D27994B2
PassNTLMv2 91E810C86B3FD1BD14342F945ED42CD6
4. Copy the above three lines into cntlm.ini, under the Domain field's line. Once more, do not fill in the Password field. Save cntlm.ini.
5. Open the Service Manager (from command line: services.msc), and start the service called "CNTLM Authentication Proxy".
6. In the console, type these lines:
> npm config set proxy http://localhost:53128
> npm config set https-proxy http://localhost:53128
> npm config set registry https://registry.npmjs.org
7. Now npm view, npm install etc. should work. Example:
> npm view qunit
...nice answer, no errors :)
CNTLM answer was working for me, but with connection errors make npm unusable. I've fixed them by adding this header in CNTML.
Header Connection: close
Another alternative is to use Px for Windows which talks NTLM on your behalf like Cntlm and NTLMAps without having to provide your credentials. It uses the logged in user's credentials via SSPI.
Rather than running CNTLM, you could instead try running Fiddler when you need to use npm. I've found this works in fairly locked down environments (e.g. investment banks). It's also a tool that is fairly easy to make a business case for (if you need to) since it's invaluable for checking/creating/altering HTTP traffic.
I've had to go this route before due to usage of smartpass authentication - i.e. we didn't actually have passwords. At those locations setting up CNTLM would have been impossible.
You can pass the settings as parameters:
npm --proxy=http://username:password#proxyserver:port --proxy-https=http://username:password#proxyserver:port --registry=http://registry.npmjs.org/ install whateveryouwanttoinstall
CNTLM didn't work for me. I tried all possible combinations. NPM was giving Authentication error. Fiddler came for rescue and saved my time. It is easy to install and configure. Set Fiddler Rule to Automatically Authenticated.In .npmrc set these
registry=http://registry.npmjs.org
proxy=http://127.0.0.1:8888
https-proxy=http://127.0.0.1:8888
http-proxy=http://127.0.0.1:8888
strict-ssl=false
It worked for me :)
Another Fiddler Option:
A second way to make Fiddler act as an HTTP proxy for NTLM and other protocols is to leave the auto authenticate options/rules defaults in place and go to this setting from the menu bar:
Tools > Telerik Fiddler Options > Connections tab
Click on the Allow remote computers to connect checkbox. You will see a dialog explaining the consequences of enabling this option. Restart Fiddler and update the .npmrc file as shown above. Whenever you need npm to access the registry site just run Fiddler. This setting won't affect the way Fiddler runs for other captures.
Open your .npmrc file in C:\users\username\ folder using notepad
Add the below lines..
Replace domain, username, pwd, servername with your correct values
Try to install or get packages now
If trying from Vs2017, close and reopen VS IDE, then only it works
proxy=http://DOMAIN%5CUSERNAME:PWD#proxy.servername.com:6050
https-proxy=http://DOMAIN%5CUSERNAME:PWD#proxy.servername.com:6050
http-proxy=http://DOMAIN%5CUSERNAME:PWD#proxy.servername.com:6050
strict-ssl=false
CNTLM worked for me as suggested by KOL. Thanks KOL for that. Just wanted to add that there are some oddities in individual proxies because of which the password may not be acceptable when using simple cntlm -H.
Use cntlm -I -M http://test.com and copy the below config after erasing older configs and you should be through.
The output is like
---------------------------------------------------
Auth NTLM
PassNT 8EE9B595A89F7D8774C2146FB302CBCF
PassLM 78901DA9889727EDE28EF9F2769485B9
----------------------------------------------------