intellimetrics Learning
Building Module 6 · CLI Tools Setup

Overview & Prerequisites

What you need before installing LLM CLI tools

What you’re about to install

In the next four lessons, you’ll install and try each of the major LLM CLI tools:

ToolMakerAccessKey strength
Claude CodeAnthropicAPI key or Anthropic accountDeep codebase understanding, long context
Gemini CLIGoogleGoogle accountOpen source, generous usage tier, huge context
Codex CLIOpenAIAPI keyAutonomous task execution
GitHub Copilot CLIGitHub/MicrosoftGitHub account with CopilotIntegration with GitHub ecosystem

You don’t need to install all of them. But we recommend trying at least two — each has different strengths, and knowing multiple tools makes you a more flexible orchestrator.

Prerequisites

All of these tools need Node.js installed. Node.js is a platform that lets JavaScript run outside the browser — it powers the installer (npm) that all CLI tools use.

Which shell should I be in?

Everything in this module assumes you’re in a bash or zsh shell — the default on macOS, Linux, and WSL. If you’re on Windows, make sure you’re in your WSL terminal (Ubuntu), not PowerShell. If you’re connected to a remote server via SSH or VS Code Remote, you’re already in a Linux shell. If you’re not sure, run echo $SHELL — it should show /bin/bash or /bin/zsh.

Preflight check

Before installing anything, let’s make sure your environment can reach the tools you need. Run each of these:

Terminal window
# Can you reach the npm registry?
curl -s https://registry.npmjs.org/ | head -c 100


# Do you have git?
git --version


# What shell are you in?
echo $SHELL

If curl to the npm registry fails, you may be behind a corporate proxy or firewall — see the troubleshooting section at the bottom of this lesson.

Check if you already have Node.js

Terminal window
node --version

If you see something like v20.11.0 or higher, you’re good — skip to the “API Keys” section below.

If you see “command not found,” install it using the method below.

nvm (Node Version Manager) is the best way to install Node.js because:

  • It doesn’t require sudo or admin rights
  • It installs Node in your home directory (no permission issues)
  • You can easily switch between Node versions later

This works on macOS, Linux, and WSL:

Terminal window
# Install nvm
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.1/install.sh | bash


# Reload your shell (or close and reopen your terminal)
source ~/.bashrc


# Install the latest LTS version of Node.js
nvm install --lts


# Verify
node --version
npm --version

Both should print version numbers. You’re ready.

💡If 'nvm' isn't found after install

Close your terminal completely and reopen it. The nvm install script adds itself to your shell config file (~/.bashrc or ~/.zshrc), but that only takes effect in new terminal sessions. If you’re in VS Code, open a new terminal panel.

Alternative: Direct install (if nvm doesn’t work)

If you can’t use nvm (corporate restrictions, etc.):

macOS with Homebrew:

Terminal window
brew install node

Ubuntu/Debian (WSL or server):

Terminal window
sudo apt update && sudo apt install -y nodejs npm

Or download from nodejs.org — grab the LTS version.

What’s npx?

You’ll see npx in some installation instructions. The difference:

  • npm install -g tool — downloads and permanently installs a tool
  • npx tool — downloads and runs a tool temporarily

For CLI tools you’ll use regularly, npm install -g is better so you don’t re-download every time.

If 'npm install -g' gives a permission error

This usually means Node.js was installed system-wide instead of via nvm. Fix: prefix with sudo on Linux/macOS (sudo npm install -g tool), or better yet, install nvm and switch to it. If you used nvm, global installs should work without sudo.

API keys — what they are and how to handle them

Most AI CLI tools require an API key — a secret string that identifies your account and lets the tool talk to the AI service. You’ll get this from each provider’s website.

Key safety rules

  • Never share your API key with anyone
  • Never paste it into a public chat, email, or code repository
  • Never put it in a file that gets committed to git (add .env to your .gitignore)
  • If you accidentally expose a key, revoke it immediately from the provider’s dashboard

Storing keys safely

Most CLI tools store your key in a local config file automatically. But if you need to set one manually:

Terminal window
# Set for your current session
export ANTHROPIC_API_KEY="sk-ant-your-key-here"


# Make it permanent (add to your shell config)
echo 'export ANTHROPIC_API_KEY="sk-ant-your-key-here"' >> ~/.bashrc
source ~/.bashrc
On shared machines (university servers, lab workstations)

If other users can access the same machine, be careful with API keys in your shell config. Your ~/.bashrc is only readable by you (by default), but check with ls -la ~/.bashrc — the permissions should be -rw------- (only you can read/write). If not, run chmod 600 ~/.bashrc. Consider asking your instructor about shared training keys instead.

Authentication over SSH (the browser problem)

Some tools (like claude or gh auth login) want to open a web browser for authentication. If you’re SSH’d into a remote server, there’s no browser to open. Solutions:

  1. Device flow: Some tools show a URL and a code. Open the URL on your local machine’s browser, enter the code, and the remote tool gets authenticated.
  2. API key directly: Set the API key as an environment variable before starting the tool — this bypasses browser-based auth entirely.
  3. Authenticate locally first, then copy: Run the tool on your local machine to authenticate, then copy the generated config file to your remote server (usually in ~/.config/ or a tool-specific directory).

Each tool lesson will cover authentication specifically.

Troubleshooting: Proxy and network issues

If you’re on a university network, corporate VPN, or government network, you may hit issues with SSL certificates or blocked registries.

Symptom: npm install fails with certificate errors

error SELF_SIGNED_CERT_IN_CHAIN

This usually means your network is doing SSL inspection. Fixes:

Terminal window
# Option 1: Tell npm to use your system's certificate bundle
npm config set cafile /etc/ssl/certs/ca-certificates.crt


# Option 2: If you have a specific corporate cert file
npm config set cafile /path/to/your/corporate-ca.pem


# Option 3 (last resort, NOT recommended for production):
npm config set strict-ssl false

Symptom: Network timeout / can’t reach registry

Your network might require a proxy:

Terminal window
npm config set proxy http://proxy.example.com:8080
npm config set https-proxy http://proxy.example.com:8080

Ask your IT team for the proxy address. Or use GitHub Codespaces to bypass network restrictions entirely.

Ready?

If you can run node --version and npm --version and see version numbers, you’re set. Let’s install your first tool.