I want to add SOCKS proxy settings to /etc/apt/apt.conf. What is the syntax for it? Is it same as http and ftp syntax?
Thanks.
Asked
Active
Viewed 7.1k times
6 Answers
67
Acquire::http::proxy "socks5h://server:port";
This works for me on Ubuntu 18.04. As the man page says, socks5h, not socks5, is supported by apt, which means socks5 proxy with DNS resolving ability.
-
2This is correct and indeed seems to work on Ubuntu 18.04. Although one might want to include _Acquire::https::proxy_ and _Acquire::ftp::proxy_ as well (with the same value). – Hamy Mar 01 '19 at 14:19
-
5adding proxy rule `Acquire::https::proxy "socks5h://server:port";` to a `apt.conf.d` file (like `/etc/apt/apt.conf.d/12proxy`) works just fine. I would suggest to stick to **https** unless otherwise is necessary. – ResilientBit May 09 '19 at 06:35
-
3Also for a proxy server requiring authentication, this line is modified as `Acquire::http::proxy "socks5h://user:pass@server:port";`. The above rule works just fine in Ubuntu 18.04. Here `socks5h` enforces DNS resolution at the proxy server. – ResilientBit May 09 '19 at 06:44
-
Anyone knows if this works in Ubuntu 16.04? – a06e Jun 18 '19 at 12:54
-
doesn't work on 14.04 – razieh babaee Jul 06 '19 at 12:55
-
(the option name itself is case insensitive, so you can type `acquire::http::proxy`) – imkzh Mar 27 '22 at 13:07
-
I wonder what needs to be done on Debian to make it work too? – Nikita Kipriyanov Apr 10 '23 at 06:42
37
A possible solution can be to use tsocks, an application that can redirect the network traffic through a socks proxy.
Install tsocks package, modify /etc/tsocks.conf to set address and port number of your socks proxy, and run:
$ sudo -s
# tsocks apt-get update
# tsocks apt-get dist-upgrade
# exit
$
or
$ sudo -s
# . tsocks -on
# apt-get update
# apt-get dist-upgrade
# . tsocks -off # not really necessary, given the exit
# exit
$
You can think to a number of options, to simplify and automate its use.
Don't forget the leading dot, the Manpage has more deatails on this.
Edit: a shorter way to use it:
$ sudo tsocks apt-get update
$ sudo tsocks apt-get dist-upgrade
-
14It seems tsocks is not installed by default, so I need to run `sudo tsocks apt-get install tsocks`. Hahahahahaha... – fikr4n Apr 12 '16 at 07:21
-
2
-
3Also: As of apt 1.3~rc1 (Debian version, not sure exactly which Ubuntu version, though my guess is not until Zesty), you can use `Acquire::http::Proxy "socks5h://hostname:port/"`. See the changelog at https://anonscm.debian.org/gitweb/?p=apt/apt.git;a=blob;f=debian/changelog;hb=f5e9be1da89725f9bf1915bdf86fdc4a77edf917 – derobert Feb 21 '17 at 22:12
-
1Well... that's funny. To make apt-get work you need to... `apt-get something`! – Equidamoid Jul 05 '17 at 17:48
-
2a little correction to @derobert line: `Acquire::socks::Proxy "socks5h://hostname:port/";` does the trick. Http does **not** - try it with Tor and you'll see a standard response "Tor is not a http proxy", so the `http` goes replaced by `socks` - and it works! – Alexey Vesnin Aug 20 '17 at 11:30
12
Using the next config line works for me:
Acquire::socks::proxy "socks5://server:port";
To keep apt.conf clean and avoid problems at Linux upgrade I created a new file (/etc/apt/apt.conf.d/12proxy) and added the config file to it.
-
-
-
1
-
-
-
3It should be Acquire::http::proxy and also socks5**h** for dns resolution on proxy side – ZAB May 29 '19 at 20:50
7
I couldn't find anything on Acquire::socks::proxy in the apt.conf manual of Ubuntu Xenial. You could fix this by running a local http proxy that supports upstream socks proxy, for example Polipo. You need to configure Polipo as follows:
proxyAddress = "::1"
proxyPort = 8118
socksParentProxy = "sockshost:socksport"
socksProxyType = socks5
and then set the http proxy in your apt.conf file:
Acquire::http::proxy "http://127.0.0.1:8118/";
Acquire::https::proxy "https://127.0.0.1:8118/";
Mos
- 191
- 2
- 4
-
This is a great solution, it worked for me smoothly on Ubuntu 14.04. Thank you – the.1337.house Apr 21 '20 at 10:22
5
Or tou can put in your /etc/apt/apt.conf something like this:
Acquire::socks::proxy "socks://user:pass@host:port/";
mrkbbk
- 91
- 1
- 1
-
2
-
-
5I'm pretty sure this is wrong syntax, it means "proxy all URLs that begin with socks:// through socks://user:pass@host:port/". Really, it should be this: `Acquire::http::proxy "socks://user:pass@host:port/";` – Hans-Christoph Steiner Jul 18 '14 at 16:03
-
@Hans-ChristophSteiner: This makes a connection to the indicated host and port, but the connection does not use the socks protocol. It looks like a http proxy protocol, but I did not check with an actual http proxy. – Seth Robertson Apr 16 '15 at 00:02
-
At this point, I'm sure that `Acquire::socks` is for setting the proxy for URLs that start with `socks://`. So that means you don't need a proxy to access the internet, and `apt` is not using any proxy for `ftp://`, `http://`, or `https://`.. `apt` only supports HTTP proxies, i.e. `Acquire::http::proxy "http://localhost:8118`. – Hans-Christoph Steiner Sep 08 '15 at 19:38
2
In Debian, you can read the manpage apt-transport-http(1) and look for supported URI schemes. As was answered before, put
Acquire::http::proxy "socks5h://server:port";
in
/etc/apt/apt.conf.d/12proxy
You can read more about the APT-config in general in apt.conf(5) and read the examples in /usr/share/doc/apt/examples/configure-index.gz mentioned at the end of the manpage.
This can be combined with ssh -D <LOCAL PORT> <USER>@<HOST> to create a SOCKS proxy to a different system so that apt can then use the proxy as if everything originated on <HOST>.
If you use ssh -D 0.0.0.0:<LOCAL PORT> <USER>@<HOST> or ssh -D [::]:<LOCAL PORT> <USER>@<HOST> (for IPv6) to enable other systems to use the SOCKS proxy on all interfaces. This can be a security risk or breach of (corporate) policy. Make sure you know what you are doing.
AdamKalisz
- 189
- 6