Friday, April 29, 2011

Enable wget behind proxy using cntlm on Linux

If your Linux box is behind an HTTP proxy, command-line utilities such as wget, curl, yum and zypper, which talk to external URLs, fail because the proxy does not allow the connection to be established. CNTLM, an authenticating proxy, can solve this problem.


Cntlm is an NTLM, NTLM2SR, NTLMv2 authenticating HTTP proxy. It takes the address of your parent proxy (or proxies) and opens a listening socket, forwarding each request to it (moving on in a circular list if the active parent proxy stops working). Along the way, a connection to the parent is created anew and authenticated or, if available, a previously cached connection is reused to achieve higher efficiency and faster responses. When set up, cntlm should be used as the primary proxy in your applications.

Setup Instructions:
1. Download and install cntlm*.rpm
2. Edit the /etc/cntlm.conf file so that it contains the following settings.
----------------------------------------------------------------------------------

Username username
Domain domainname
Password password
Proxy **proxy server IP**:80
Listen 3128
Auth LM

----------------------------------------------------------------------------------
3. To generate the hash for the password, run the command:

cntlm -M http://**any external IP**:3128

Output of this command will look like this:
Auth ----- NTLMv2
PassNTLMv2 ----- **some-string**


4. Copy the last 2 lines of the output of #3 and paste them in /etc/cntlm.conf in place of the following line:

Auth ------ LM

and remove the Password line.

5. Run cntlm in daemon mode by running the command 'cntlm'.
6. Before executing wget, curl etc., set the following variables, and that should be it.

export http_proxy=127.0.0.1:3128
export ftp_proxy=$http_proxy
export https_proxy=$http_proxy
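
A quick check that step 4 was really completed, as an added example that is not part of the original post or of cntlm itself: the function below audits a cntlm.conf for a leftover cleartext Password line, a leftover "Auth LM", a missing hash line, and world-readable permissions (the stored hash is enough to authenticate to the proxy as that user). The function names, the proxy address 192.0.2.10 and the hash value in the samples are constructed placeholders.

```shell
#!/bin/sh
# Added example: audit a cntlm.conf for leftovers from steps 2-4.
# Prints one finding per line; the return status is the number of findings.
audit_cntlm_conf() {
    conf=$1
    findings=0
    [ -r "$conf" ] || { echo "cannot read $conf" >&2; return 99; }
    # Step 4: the cleartext Password line must be gone.
    if grep -Eiq '^[[:space:]]*Password[[:space:]]+[^[:space:]]' "$conf"; then
        echo "cleartext Password line still present"
        findings=$((findings + 1))
    fi
    # Step 4: "Auth LM" must have been replaced by the detected dialect.
    if grep -Eiq '^[[:space:]]*Auth[[:space:]]+LM[[:space:]]*$' "$conf"; then
        echo "Auth is still LM"
        findings=$((findings + 1))
    fi
    # Step 4: a hash line (PassNTLMv2, PassNT or PassLM) must be present.
    if ! grep -Eiq '^[[:space:]]*Pass(NTLMv2|NT|LM)[[:space:]]+[^[:space:]]' "$conf"; then
        echo "no Pass* hash line found"
        findings=$((findings + 1))
    fi
    # The hash alone authenticates to the proxy, so "other" must not read it.
    # Character 8 of the ls mode string is the read bit for "other".
    if [ "$(ls -ldL "$conf" | cut -c8)" = "r" ]; then
        echo "file is world-readable"
        findings=$((findings + 1))
    fi
    return "$findings"
}

# Constructed sample: the step 2 file as first written (placeholder values).
write_sample_before() {
    printf '%s\n' 'Username username' 'Domain domainname' 'Password password' \
        'Proxy 192.0.2.10:80' 'Listen 3128' 'Auth LM' > "$1"
}

# Constructed sample: the same file after step 4 (hash is a placeholder).
write_sample_after() {
    printf '%s\n' 'Username username' 'Domain domainname' \
        'Proxy 192.0.2.10:80' 'Listen 3128' 'Auth NTLMv2' \
        'PassNTLMv2 0123456789ABCDEF0123456789ABCDEF' > "$1"
}

# Audit the file given on the command line, if any.
if [ "$#" -gt 0 ]; then
    audit_cntlm_conf "$1"
fi
```

Saved as a script and run with /etc/cntlm.conf as its argument, it prints nothing and exits 0 when the file is clean; 'chmod 600 /etc/cntlm.conf' clears the permissions finding.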