Linux proxy

From Ever changing code
Jump to navigation Jump to search

Linux proxy settings

When you behind a firewall of a company proxy you may need to configure your Linux distro to pass proxy details to the applications in turn to connect to Internet. Most common application like curl, wget, git use an environment variables to know proxy settings but others like Firefox and desktop applications may need to be specifically configured within application itself.

In the examples below depends on your proxy server you need to be authentication. Often it could be your own Active Directory login/password combination but it can be also Internet user login/password credentials.

Proxy environment variables
https_proxy=$http_proxy   #or: https_proxy=URL

Make sure you can resolve the proxy server DNS name otherwise use IP address

Proxy temporary configuration for a single command only
sudo env http_proxy=http://proxyserver.local:8080 apt-get update
sudo env http_proxy=http://username:password@ apt-get update

Proxy temp configuration for duration of a session. With sudo remember to use -E to preserve local environment variables
export http_proxy=http://proxyserver.local:8080/
export ftp_proxy=http://username:password@proxyserver.local:8080/
sudo -E apt-get update

Permanent proxy configuration for a user

Append proxy enviroment variables to a user ~/.profile file. With sudo remember to use -E to preserve local environment variables


Permanent proxy configuration for all users

Edit all users environment variables sudo vi /etc/environment and add proxy variables



Manage local environment variables
unset HTTP_PROXY   #unset HTTP_PROXY single variable
env -i bash        #unset all local variables back to default on login
exec bash          #unset all local variables back to default on login

Applications custom proxy setting


Some proxy servers require authorization to enable you to use them. The authorization consists of username and password, which must be sent by eg. Wget. As with HTTP authorization, several authentication schemes exist. For proxy authorization only the Basic authentication scheme is currently implemented.

You may specify your username and password either through the proxy URL or through the command-line options. Assuming that the company’s proxy is located at '' at port 8001, a proxy URL location containing authorization data might look like this:


Alternatively, you may use the proxy-user and proxy-password options, and the equivalent .wgetrc settings proxy_user and proxy_password to set the proxy username and password.

Proxy servers

CNTLM - Linux

  1. Install CNTLM sudo apt-get install
  2. Copy an updated template into /etc/cntlm.conf
  3. Generate password hash and test Internet access
    sudo cntlm -c /etc/cntlm.conf -I -M
    cntlm -H -u 'username' -d 'domain.local' #generates hash only
  4. Replace PassNTLMv2 hash value in the config file /etc/cntlm.conf with the generated hash.
  5. Restart services cntlm restart

Cntlm template to copy into /etc/cntlm.conf

# Cntlm Authentication Proxy Configuration
Username	foobar      #your windows username
Domain		home.local
# Password	password
# PassLM     xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
# PassNT     xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
# PassNTLMv2      XXXXX3AD50AC2DC59B62324EE9202E29 # username's password hash

# Workstation	netbios_hostname
# List proxies
Proxy      #proxy with access to Internet

# Do not use proxy - exception url's
NoProxy	*.home.local, localhost, 127.0.0.*, 10.*, 192.168.*

Listen		3128
Listen   #interface ip you want proxy listen on

# Enable to allow access from other computers
Gateway	yes

# Useful in Gateway mode to allow/restrict certain IPs
# Specifiy individual IPs or subnets one rule per line.
Allow           #allow connect from localhost
Allow      #ip of VM or remote PC that you authorize to use the proxy
#Deny		0/0

Maven proxy

If you are behind the proxy Maven needs to be configured to use it:

  • global settings: /etc/maven/settings.xml
  • local: ~/.m2/settings.xml

The easiest is to use local file

vi ~/.m2/settings.xml
<settings xmlns=""

Docker proxy