Ubuntu – How to configure HTTP proxy with authentication on Ubuntu WSL on windows 10

networkingPROXYwindows-subsystem-for-linux

I am using Ubuntu WSL on Windows 10. How to configure HTTP proxy with authentication on it?

Best Answer

cntlm proxy for NTLM authentication

I am assuming your proxy requires a NTLM based user authentication, which will not work with the credentials specified in $HTTP_PROXY. A NTLM capable proxy this required for that: e.g. cntlm.

Install cntlm proxy

The default way of installing the proxy would be to use sudo apt-get install cntlm, but without any proxy this will obviously fail. You need to manually download the package cntlm_0.92.3-1ubuntu1_amd64.deb and copy it into your WSL instance.

Install the package with

$ sudo dpkg -i cntlm_0.92.3-1ubuntu1_amd64.deb

Configure cntlm proxy

The cntlm proxy requires proper NTLM-Proxy configuration in /etc/cntlm.conf:

# /etc/cntlm.con
Domain      Domain
Username    username
Proxy       1.2.3.4:5678
NoProxy     localhost, 127.0.0.*, 10.*, 192.168.*
Listen      3128

This is the minimal required configuration for cntlm. Test and verify cntlm with the following command:

$ cntlm -M http://www.google.com
cntlm: Starting cntlm version 0.92.3 for LITTLE endian

cntlm: Proxy listening on 127.0.0.1:3128

cntlm: Workstation name used: hostname

Password:

If the authentication is successful, generate hashes for the authentication by using the -H switch:

$ cntlm -H                   
cntlm: Starting cntlm version 0.92.3 for LITTLE endian

cntlm: Proxy listening on 127.0.0.1:3128

cntlm: Workstation name used: somehost

cntlm: Using following NTLM hashes: NTLMv2(1) NT(0) LM(0)

Password: 
PassLM          123456789ABCDEF123456789ABCDEF12
PassNT          123456789ABCDEF123456789ABCDEF12
PassNTLMv2      123456789ABCDEF123456789ABCDEF12    # Only for user 'username', domain 'Domain'
cntlm: Terminating with 0 active threads

Add the three hashes PassLM, PassNT and PassNTLMv2 to the cntlm configuration file /etc/cntlm.conf. Then activate the proxy via systemd:

$ sudo systemctl restart cntlm

Now the proxy should listen on your localhost at port 3128.

Configure proxy

Now you can configure the proxy as described in this post but use:

$ export http_proxy=http://localhost:3128/
$ export https_proxy=http://localhost:3128/
Related Question