You can also commit a .ssh directory containing a dedicated id_rsa key ("deployment key") that is registered with github, either with your account or a dedicated deployment account. Don't forget to chmod 0660 the key.

No, probably not. Instead, you can use HTTPS basic authentication when you create the submodule in your git repository, similar to deploying private gems to Heroku. Looks something like this:

git submodule add https://username:password@github.com/username/repo.git

There is another solution to @kanzure approach: https://stackoverflow.com/a/29464430/990356

Go to Settings > Personal access tokens and generate a personal access token with repo scope enabled.

Now you can do git clone https://MY_TOKEN@github.com/user-or-org/repo and in the case of a submodule git submodule add https://MY_TOKEN@github.com/user-or-org/repo

Pros:

• very simple approach
• token can be easily revoked
• your real password is safe

Cons:

• if someone has access to the token, he can access your GitHub repos (read and write)