Skip to main content

wget maven ntlm proxy

How to make wget, curl and Maven download behind an NTLM Proxy


Working on CentOS, behind an NTLM proxy:
  1. yum can deal without problem with a NTLM Proxy
  2. wget, curl and Maven cannot
The solution is to use "cntlm".
"cntlm" is a NTLM client for proxies requiring NTLM authentication.

How it works
  • Install "cntlm"
  • Configure "cntlm" 
    • by giving it your credentials
    • by giving it the NTLM Proxy
  • Start "cntlm" deamon (it listens to "127.0.0.1:3128")
  • Configure wget, curl and Maven to use "cntlm" instead of using directly the NTLM Proxy
Note: You will have then a kind of 2 stages Proxy: cntlm + the NTLM proxy

Configure CNTLM

After installing cntlm, the configuration file is in "cntlm.conf".

You must have your domain (in the Windows meaning), proxy login and  proxy password.
Mine are respectively: rktmb.org, mihamina, 1234abcd (yes, just for the example)

You must have you NTLM Proxy Hostnama or IP and port
Mine are respectively: prx.rktmb.org, 8080

You have to make cntlm format them to make cntlm job easy by

cntlm -H -d rktmb.org -u mihamina

This will output something like:

PassLM          D6F1CF1F55CFC61D2C114A2E7
PassNT          B649D7C5ECEFD7A189C189763
PassNTLMv2      F9E6B8689C0B5CE6194605D73

Thanks to https://gist.github.com/lpf23/d3c4e1ef158c7fb4a909

The final "cntlm.conf" file looks like:

Username        mihamina                                                                                                                                                                  
Domain          rktmb.org                                                                                                                                                                 
Password        1234abcd                                                                                                                                                              
                                                                                                                                                                                         
PassLM          D6F1CF1F55CFC61D2C114A2E7                                                                                                                                         
PassNT          B649D7C5ECEFD7A189C189763                                                                                                                                         
PassNTLMv2      F9E6B8689C0B5CE6194605D73                                                                                                                                         
                                                                                                                                                                                        
Proxy           prx.rktmb.org:8080

Configuring wget to use cntlm


You have to set the following environment variables:
export https_proxy=${http_proxy}
export http_proxy=http://localhost:3128
Feel free to put it into ".bashrc" or ".bash_profile", depending on your distribution.

Configuring Maven to use cntlm


In "~/.m2/settings.xml"

<settings xmlns="http://maven.apache.org/SETTINGS/1.1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.1.0 http://maven.apache.org/xsd/settings-1.1.0.xsd">

  <proxies>
    <proxy>
      <id>rktmb-proxy</id>
      <active>true</active>
      <protocol>http</protocol>
      <host>127.0.0.1</host>
      <port>3128</port>
    </proxy>
  </proxies>
</settings>


Popular posts from this blog

npm run build base-href

Using NPM to specify base-href When building an Angular application, people usually use "ng" and pass arguments to that invocation. Typically, when wanting to hard code "base-href" in "index.html", one will issue: ng build --base-href='https://ngx.rktmb.org/foo' I used to build my angular apps through Bamboo or Jenkins and they have a "npm" plugin. I got the habit to build the application with "npm run build" before deploying it. But the development team once asked me to set the "--base-href='https://ngx.rktmb.org/foo'" parameter. npm run build --base-href='https://ngx.rktmb.org/foo did not set the base href in indext.html After looking for a while, I found https://github.com/angular/angular-cli/issues/13560 where it says: You need to use −− to pass arguments to npm scripts. This did the job! The command to issue is then: npm run build -- --base-href='https://ngx.rktmb.org/foo&
Read more

emacs29 intelephense

Emacs 29 and PHP Intelephense I use to use Emacs and PHP Intelephense for PHP development. I recently upgraded to Emacs 29 and PHP Intelephense stopped working. I found a solution on Reddit Based on that, I rewrote my .emacs file to use eglot instead of lsp-mode, and this is the result. (use-package eglot :ensure t) (add-hook 'php-mode-hook 'eglot-ensure) (use-package php-mode :ensure t :mode ("\\.php\\'" . php-mode)) (add-to-list 'auto-mode-alist '("\\.php$" . php-mode)) (provide 'lang-php) (use-package company :ensure t :config (setq company-idle-delay 0.3) (global-company-mode 1) (global-set-key (kbd "M- ") 'company-complete)) (require 'eglot) (add-to-list 'eglot-server-programs '((php-mode :language-id "php") . ("intelephense" "--stdio" :initializationOptions (:licenseKey "98989898989898989898"
Read more

Jenkins invalid privatekey

Publish over SSH, Message "invalid privatekey:" With quite recent (June-July 2020) installations of Jenkins and OpenSSH, I have the following error message when using the "Deploy overs SSH" Jenkins plug-in and publishing artifacts to the target overs SSH: jenkins.plugins.publish_over.BapPublisherException: Failed to add SSH key. Message [invalid privatekey: [B@d8d395a] This problem seems to be referenced here: https://issues.jenkins-ci.org/browse/JENKINS-57495 Just regenerate a key with the right parameters To solve it: ssh-keygen -t rsa -b 4096 Or ssh-keygen -t rsa -b 4096 -m PEM
Read more