Shulou(Shulou.com)06/01 Report--

This article will explain in detail how to configure Cntlm agent in Linux. The editor thinks it is very practical, so I share it for you as a reference. I hope you can get something after reading this article.

Cntlm is a HTTP secondary agent software. Its main function is to make another agent for this agent and provide it to more subordinate users on the premise that the agent can surf the Internet. Lower-level users do not need and can not know the account password of the agent, which not only ensures security, but also realizes convenience.

Installation

Take the installation of Debian system as an example:

Sudo apt install cntlm

Non-Debian installation is in a similar form. Cntlm is a very old software that is released in all major Linux distributions. It is even released under Windows and can be installed through choco.

Choco install cntlm

The following introduction takes Linux as an example. The configuration under Windows is more or less the same as that of Linux, but the file location is different.

Configuration

After Cntlm is installed, there is a default configuration in / etc/cntlm.conf. If you need to view the configuration online, you can refer to cntlm.conf.

Modify cntlm.conf

The following configuration is almost the simplest configuration of / etc/cntlm.conf.

Username USERNAMEDomain COMPANY_DOMAINPassword * Proxy proxy.company.com:8080Proxy proxy2.company.com:8080NoProxy localhost, 127.0.0.percent, 10.percent, 192.168.percent, .company.comListen 3128

Note: USERNAME, proxy.company.com:8080, etc., should be changed to the values applicable to your own scenario. In addition, if you use the means in the next section [get Auth], the Password configuration can be omitted.

This configuration can only be accessed locally. If you want to allow access to machines other than localhost, you need to add Gateway yes.

Gateway yes

If you need to restrict external access, you can set a black (Deny) and white (Allow) list.

Allow 127.0.0.1Deny 0AGO get Auth

After the above configuration modifications are completed, you need to reload or restart cntlm. For more information, please see reloading or restarting.

$sudo cntlm-vc / etc/cntlm.conf-M http://baidu.comsection: global, Username = 'USERNAME'section: global, Domain =' COMPANY_DOMAIN'section: global, Proxy = 'proxy.company.com:8080'section: global, Proxy =' proxy2.company.com:8080'section: global, NoProxy = 'localhost, 127.0.20, 10.15, 192.168., .company.com'section: global Listen = '3128'...HEAD: HTTP/1.1 200 OKOK (HTTP code: 200)-- [Profile 1]-Auth NTLMPassNT 7FA051B4B85F0E7EEBB24D3CD73E52B0PassLM 23A1E1A7276E84EA4846D4C9FF957C35- -cntlm: Terminating with 0 active threads add Auth to the configuration

Add the following to the / etc/cntlm.conf you just modified:

Auth NTLMPassNT 7FA051B4B85F0E7EEBB24D3CD73E52B9PassLM 23A1E1A7276E84EA4846D4C9FF957C31 reload or restart

In the case of a package manager installation, Cntlm is guarded by systemd by default and boots automatically.

After you modify the configuration, the reload will take effect:

Sudo systemctl reload cntlm

If it still does not take effect, you can try to restart:

This is the end of sudo systemctl restart cntlm's article on "how to configure Cntlm Agent in Linux". I hope the above content can be of some help to you, so that you can learn more knowledge. if you think the article is good, please share it for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.