apt-get through NTLM authenticated proxy

in /etc/apt/apt.conf, add the line:

Acquire::http::Proxy "http://MYDOMAIN\MYNAME:[email protected]:MYPORT";

the semicolon is required at the end of the line to add


A better alternative is to install CNTLM, which is an NTLM proxy that presents itself as an ordinary web proxy.

It's quite easy to install from .deb (trivial dependencies adduser and libc6 which should be on every system ever) and configure. Once you have it installed, you just tell apt-get to use proxy localhost:3128.

This solution has two advantages:

  1. it works for all programs using HTTP/HTTPS/FTP, including apt-get, web browsers, and SSH sessions tunneled over HTTPS (good for escaping the firewall if you need to.)

  2. your password is stored in cntlm.conf as a hash instead of in plain text.

CNTLM works on Windows as well. Very neat.


See Setting up apt-get to use a http-proxy (on https://help.ubuntu.com/community/AptGet/).