If you use a NuGet API key in your "nuget push" command login credentials (username/password) shouldn't be needed.
But unfortunately there is a problem with the way NuGet.exe works, it expects anonymous read access to the root of the repository. The reason for this is that it pings the root without credentials to determine if the repository is healthy. If this receives a 401 response then NuGet.exe will prompt for authentication.
By default Nexus ships with the 'Repo: All Repositories (read)" role assigned to the anonymous user, so "nuget push" with just an API key will work. But if you've restricted access to the Nexus anonymous user you may experience the above issue. To work around this, you need to grant the anonymous user in Nexus access to the root of the nuget repository.
First go to "view/repositories/repository targets", and create a repository target with:
- Repository Type: NuGet
- Pattern Expresson: /
Then create a repository target privilege for your nuget repository under '"security/privileges" using this repository target.
Finally, create a role which contains the "read" privilege you just created and give this to the anonymous user in Nexus.
This will not grant anonymous access to any of the contents of your NuGet repository, it just grants access to read the root ("/").