Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Composer private repository using SSH

Tags:

ssh

composer-php

I have a private repository I want to include inside my composer.json, which will place the private repository in the vendor folder. Using the code from https://getcomposer.org/doc/articles/handling-private-packages-with-satis.md#security with SSH security, you need to fill in some user specific parts (see below).

"repositories": [
    {
        "type": "vcs",
        "url": "ssh2.sftp://example.org",
        "options": {
            "ssh2": {
                "username": "composer",
                "pubkey_file": "/home/composer/.ssh/id_rsa.pub",
                "privkey_file": "/home/composer/.ssh/id_rsa"
            }
        }
    }
]

The problem is I'm working with other programmers and I don't want specific user content inside the composer.json. Is there a way to exclude the specific user content from the composer.json?

I actually want composer to ask for the programmers personal public and private key during the excecution inside the commandline.

like image 866
Kevin Avatar asked May 07 '15 08:05

Kevin

People also ask

What is private Packagist?

Private Packagist is a commercial package hosting product offering professional support and web based management of private and public packages, and granular access permissions.

Where do I put composer AUTH json?

In this authentication storage method, an auth. json file will be present in the same folder as the projects' composer. json file. You can either create and edit this file using the command line or manually edit or create it.

Where does composer get packages from?

Composer downloads directly from the source, e.g. Packagist only knows those source and tells your composer instance where to go. It does this by downloading a bunch of json files from Packagist.org that have all the infos.

1 Answers

Using Composer on the command line with SSH key authenticated repositories works out of the box if the keys are made available to the CLI SSH process via a key agent.

My personal setup is to run Putty on Windows together with Pageant for the key authentication. I configure the SSH session to allow key forwarding, and when logged into a Linux system, I can run Composer commands as well as Git commands without any need to do additional authentication. A different way would be to run a key agent on Linux directly with the key.

The central part is: If Git commands like push or pull do work with the repository, Composer will also work, without the need to authenticate.

Note that there are some more options of giving authentication data to Composer: https://getcomposer.org/doc/articles/handling-private-packages-with-satis.md#authentication

like image 192
Sven Avatar answered Sep 26 '22 23:09

Sven
Sign in to Comment

Related questions

GitLab: I can't push or clone repo, asking for Git password
Composer with git SSH stopped working randomly
ssh does not reliably return output from remote command
Reverse Tunnel over JSCH (SSH) and HTTPS
Vagrant with Docker Provider fails with rsync over ssh
Set up virtualenv with Paramiko SSH
SSH ProxyCommand change user after connect
Docker Jenkins Blue Ocean can not run ssh scp in Pipeline
Add certificate to ssh-agent for a key that's already inside the agent
How to specify RemoteForward in the ssh config file?
Can I get GNU Emacs to TAB complete filenames after using ssh in the *shell* buffer?
Git Push Hangs After a Few Pushes
bundle not found via ssh
Ssh client through a specific interface
SSH library with support for passphrase rsa privatekeys
How do I change multiple unix passwords in one script/batch file?
python pexpect: SSHing then updating the date
Google Cloud SSH Keys
Using matplotlib on headless Ubuntu 14.04 Server
Setting git private repository project on jenkins server

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!