113

In my office i want to update and download through (wget) and here they are using proxy?

How can i do this by commandline?

Marco Ceppi
  • 48,101
Renjith G
  • 3,553

8 Answers8

124

In some releases sudo is configured in such a way that all environment variables all cleared when running the command. To keep the value for your http_proxy and fix this, you need to edit /etc/sudoers, run:

visudo

Then find a line that states:

Defaults env_reset

and add after it:

Defaults env_keep = "http_proxy ftp_proxy"

Things will start working as expected.

Thanks to kdogksu in the Ubuntu Forums for finding the solution for this.

In order to not only fix apt-get but also graphical X11 utils as e.g synaptic,mintintall, ...) the following line in /etc/sudoers should do the job :

Defaults env_keep = "http_proxy https_proxy ftp_proxy DISPLAY XAUTHORITY"
αғsнιη
  • 35,660
paulo.albuquerque
  • 1,866
  • 8
    Would it be necessary to add "https_proxy" too? – TenLeftFingers Jan 20 '14 at 09:12
  • 2
    $ export http_proxy="http://user:password@proxy-server:port" and if your password contains special characters --http://www.cyberciti.biz/faq/unix-linux-export-variable-http_proxy-with-special-characters/ – Alex Punnen Jun 26 '15 at 10:10
  • 3
    should 'env_keep' be added after 'env_reset' or placed in its place? They look opposing to each other, so is there sense in keeping both? – Rodrigo Aug 04 '15 at 12:18
  • Defaults env_keep = "http_proxy https_proxy ftp_proxy DISPLAY XAUTHORITY" worked for me ! Thanks ! - – falconR Nov 26 '15 at 17:08
  • 2
    Stumbled on this after lots of browsing. This solved my problem. – Sudipta Basak Jan 13 '16 at 07:11
  • Any idea how this can be done without root privileges? – Sudipta Basak Jan 13 '16 at 07:19
  • I recommend using Defaults env_keep = "http_proxy https_proxy ftp_proxy rsync_proxy no_proxy" to catch more of the proxy related environment variables. –  Mar 26 '18 at 01:10
  • Yeah, this is dangerously wrong. Root should only be using the http_proxy and related variables for apt, not wrapping the entire root session for everyone. See John Cartwright's answer about setting the proxy in /etc/apt/apt.conf or a file under /etc/apt/apt.conf.d/ – Rich Jul 17 '18 at 23:31
58

Use this.

ubuntu@ubuntu:~$ cat /etc/apt/apt.conf
Acquire::http::Proxy "http://Username:Password@proxy.foo.bar.edu.au:8080";

This is what I use. Works perfectly.

Apt also allows individual settings to be placed in files under /etc/apt/apt.conf.d/, so this has exactly the same effect as the above, but may be easier to maintain if you have other lines in the .conf file:

ubuntu@ubuntu:~$ cat /etc/apt/apt.conf.d/05proxy
Acquire::http::Proxy "http://Username:Password@proxy.foo.bar.edu.au:8080";
Rich
  • 103
John Cartwright
  • 581
  • 6
    I recommend editing this to explain how to add that line to the configuration file. Attempting to run those lines on the command-line won't do it. Right now this answer is based on a correct idea but won't be helpful to a novice. It's not even entirely clear that you're saying that line should be added to apt.conf. – Eliah Kagan Mar 18 '13 at 04:57
  • 1
    awesome !!!! works like charm – Shantanu Bedajna Jan 17 '16 at 22:00
  • On my system I had to create a file under /etc/apt/apt.conf.d but small detail - worked great – dldnh Feb 12 '16 at 13:59
  • 1
    @dldnh: You can create the file /etc/apt/apt.conf or use place a config file in /etc/apt/apt.conf.d....either works! :-) – Paul Calabro May 27 '16 at 17:16
  • don't forget the semicolon or you'll get E: Syntax error /etc/apt/apt.conf:2: Extra junk at end of file – Florian Castellane Nov 13 '17 at 17:07
  • It firms up the answer to direct the user to a single option. – Rich Jul 17 '18 at 23:33
  • Ubuntu 18 LTS... file? /etc/apt/apt.conf.d/xx.yy? (05proxy not exists) – Peter Krauss Jul 24 '19 at 21:27
43

The thing that worked for me was:

sudo http_proxy=http://yourserver apt-get update

Which is a bit odd because simply exporting http_proxy and then running sudo echo $http_proxy obediently printed out the exported value

Sam
  • 559
17
export http_proxy=http://proxyusername:proxypassword@proxyaddress:proxyport
sudo apt-get update

The export shouldn't need sudoing and if your proxy is anonymous, just ditch the proxyusername:proxypassword@ part.

Oli
  • 293,335
10

If you want to run “sudo apt-get update” through proxy in commandline, use below command,

sudo apt-get -o Acquire::http::proxy="http://user:password@host:port/" update;
Prashant Adlinge
  • 625
4

Ubuntu is incredibly hostile to authenticating proxies. I use an Ubuntu laptop at work and the number of breakages is incredible.

Synaptic, Apt, Firefox, Chromium, etc all use different methods for specifying a proxy and there's nowhere to specify credentials securely.

Some bugs on the subject : https://bugs.edge.launchpad.net/ubuntu/+source/msttcorefonts/+bug/220070

https://bugs.edge.launchpad.net/ubuntu/+source/apt-cacher/+bug/198138

https://bugs.edge.launchpad.net/ubuntu/+source/apt/+bug/433827

https://bugs.edge.launchpad.net/ubuntu/+source/b43-fwcutter/+bug/683630

Oli's suggestion to use an export is the only vaguely secure way to do it. It's also sometimes possible to "fudge" proxy support if the proxy server is using secondary authentication to minimise load on the main authentication servers (say perhaps Active Directory). This is where the first proxy connection is authenticated by the proxy against AD, then for a set time period (usually 5 minutes) all other connections are "trusted" to be that user. Therefore, you can open firefox, browse the internet (anywhere will do), then try your utility (wget, synaptic, whatever) by specifying a proxy, but leave the username blank.

Ubuntu is generally hostile to any corporate environment simply because it allows passwords to be read so easily. Seahorse is a prime culprit, but Network Manager is also shocking - connect to any PEAP authenticated network and you've just stored your password in the applet for anyone to see who might borrow your laptop. Apparently laptop sharing is considered sacrilege in Linux land, since Seahorse developers rejected claims of insecurity. After that, I didn't have the heart to contact the network-manager devs.

Scaine
  • 11,139
  • I recommend cntlm as a cure for this. It handles authenticating with AD and you set all of your proxy settings to use 127.0.0.1 without requiring any credentials. – laz Feb 19 '14 at 16:21
  • If you need to authenticate with another machine then the password plaintext needs to be stored. "encryption" wouldn't add any security, because the encryption key needs to be stored on the same device in order for the passwords to be available. – Jeremy List Jul 11 '15 at 02:41
  • Jeremy, you're taking the same on/off approach to security as the Seahorse devs. I'm not saying to make this stuff impossible, just make it hard. Right now, stealing credentials from an unlocked Ubuntu laptop is trivial - maybe five clicks and you've got it. The same is not true of Windows - it might still be possible, but even I wouldn't know how to do it. There is no simple way to lift a password from a Windows machine in the 10 minutes or so you might leave a workstation unlocked by accident. Do the same in Ubuntu and you might as well hand in your resignation. It's not good enough. – Scaine Aug 25 '15 at 08:35
4

Did you try editing /etc/apt/apt.conf? I use this to use apt behind our corporate proxy.

Acquire::http::proxy "http://user:password@host:port/";

I believe that apt uses this value unless $http_proxy is defined in your shell environment (i.e. $http_proxy takes precedence).

Jon Brett
  • 379
  • I'm not sure apt.conf is still in use... When I updated from 8.04 to 10.04 I ended up with impossible update, until I got rid of the proxy settings in that file - then the proxy settings set in Synaptic started to work again... – Little Jawa Oct 17 '10 at 06:47
  • That's odd - I use apt.conf with 10.04. I find the settings in this file are separate from those configured in the Synaptic package manager preferences gui. – Jon Brett Oct 18 '10 at 12:05
  • 2
    Yes, apt.conf should still be used. You can see what configuration settings apt thinks it has set by using apt-config dump. – Steve Beattie Nov 02 '10 at 16:47
3

If it is a temporary configuration, you could try this: sudo bash -c 'http_proxy="http://< proxy_host >:< proxy_port >/" apt-get update'

You need this, because the environment variable needs to be defined for the "root" account. Doing and export before should not work.

For a permanent configuration, you will have to modify a system file. This is already described in the following answer about How to check Network proxy is really applied?.

Community
  • 1
Huygens
  • 4,713
  • :-( , I am getting error "Access to web proxy service denied!" – Renjith G Oct 15 '10 at 11:27
  • You probably have to enter a login and password, do you? If so http_proxy should have the form "http://< user >:< pass >@< host >:< port >/" – Huygens Oct 15 '10 at 13:14