Configuring Proxies for apt and yum
Introduction
Linux package managers (apt, yum, dnf) download packages from repositories. Proxy configuration is necessary in corporate networks, on servers behind NAT, or for using packages from geo-restricted repositories.
Basic Configuration
apt (Debian/Ubuntu)
Create the file /etc/apt/apt.conf.d/proxy.conf:
Acquire::http::Proxy "http://user:pass@proxy_ip:port";
Acquire::https::Proxy "http://user:pass@proxy_ip:port";
Or via environment variables:
export http_proxy=http://user:pass@proxy_ip:port
export https_proxy=http://user:pass@proxy_ip:port
sudo -E apt update
yum/dnf (CentOS/Fedora/RHEL)
In /etc/yum.conf, add:
proxy=http://proxy_ip:port
proxy_username=user
proxy_password=pass
For dnf — the same file /etc/dnf/dnf.conf.
Advanced Configuration
Environment Variables
Most tools support standard environment variables for proxies:
- HTTP_PROXY / http_proxy — proxy for HTTP requests
- HTTPS_PROXY / https_proxy — proxy for HTTPS requests
- NO_PROXY / no_proxy — list of exceptions (addresses that bypass the proxy)
- ALL_PROXY / all_proxy — proxy for all protocols
SSL and Self-Signed Certificates
Corporate proxies often use their own SSL certificates. To work through them, you need to:
1. Obtain the proxy's CA certificate from the administrator
2. Add it to the system certificate store
3. Or disable SSL verification (for testing only)
Authentication
Two main authentication methods are supported:
By username and password — standard HTTP Basic authentication. Credentials are sent with each request. URL format: http://user:pass@proxy_ip:port
By IP address (whitelist) — your IP is added to a whitelist. No credentials need to be sent.
Verifying Operation
After configuration, check:
1. Perform a test request through the proxy
2. Ensure that the IP has changed
3. Check the connection speed
4. Ensure there are no DNS leaks
Troubleshooting
Proxy not connecting
- Check the correctness of the address and port
- Ensure that the firewall is not blocking the connection
- Check the proxy's accessibility from your network
SSL errors
- For corporate proxies, add the CA certificate
- For testing — temporarily disable SSL verification
- Update SSL libraries to the latest version
Authentication errors
- Check the username and password
- Ensure the correct format of credentials
- Try URL encoding special characters in the password
Best Practices
- Use environment variables — for flexibility and security
- Do not hardcode credentials — use environment variables or configuration files
- Configure exclusions — do not proxy localhost and internal addresses
- Document settings — in the project's README or team wiki
- Test after changes — any configuration change requires verification
Conclusion
Correct proxy configuration ensures stable tool operation and connection security. Follow the recommendations in this guide and always verify functionality after setup.