Using pip behind a proxy with CNTLM
Here's a quick setup for pip
with a CNTLM proxy:
Unix Shell:
Windows CMD:
Replace 127.0.0.1:3128
with your CNTLM proxy's IP and port. This rides pip
through CNTLM, enabling package installations behind your proxy.
Setting up CNTLM and pip
Configuring CNTLM
Before crossing the pip
bridge, ensure that your CNTLM troll is awake and on duty. Update your cntlm.ini
with domain, username, and password hashes. Verify the settings via cntlm -I -M http://google.com
on Unix or cntlm.exe -c cntlm.ini -I -M http://google.com
on Windows.
Safeguarding credentials
Passwords are like underwear; keep them secure and avoid showcasing them in public. Generate hashes for your cntlm.ini
via cntlm -H
. If your organization requires, work the corporate root certificate into pip's cacert.pem
.
Mastering environment variables
The environment variables http_proxy
and https_proxy
will be your strongest cards against pip
's --proxy
option. And remember, https://
is the safest ride. Using sudo
? Go with sudo -E
for a seamless package installation.
Fine-tunning pip configurations
If you're a frequent player, consider having pip
remember your proxy. Include in pip.conf
(Unix) or pip.ini
(Windows):
Adjust the address and port to your CNTLM.
Resolving connection errors
If you're seeing "Connection to proxy failed", it's time to revisit your cntlm.ini
. Having SSL issues? Zap in your organization's root certificate into cacert.pem
.
Updating packages with a proxy
For a package refresh, use pip install -U package-name
. Have your proxy configurations ready before running this command.
Alternatives to CNTLM
Faced with a CNTLM hiccup? Refer to alternative setups, like using .netrc
or searching for comprehensive Windows and Ubuntu/Linux setup tutorials.
Pro tips and tricks
Say no to plaintext credentials
Hashed credentials are your best friends and your foes' worst enemies. Keep them in your secured fortress of configuration files.
Appropriate use of proxy notations
Be meticulous with your proxy URI syntax. A small error can lead down a rabbit hole of debugging.
Remember to test
Don't wait for a flaming wreck. Conduct routine tests on your CNTLM configuration.
Keep pip updated
Make sure pip
is on its best behavior by regularly updating it using -U
.
Different proxies for different virtual environments
Running multiple projects? Be sure to configure your proxy in every virtual environment.
Was this article helpful?