NTLM authentication on Linux

Mahdi Mallaki
Jun 25, 2023

Connecting a Linux machine to a network with NTLM authentication

Introduction

In certain organizations, there are security rules that restrict access to internal networks through authentication and authorization policies. While it is straightforward to connect to a network with NTLM authentication on a Windows system, you might prefer to use alternative operating systems like Ubuntu, even within highly regulated companies. In this article, I will share my experience with connecting a Linux machine to a network with NTLM authentication. I utilized cntlm, a user-friendly tool that is easy to set up.

1- Install CNTLM

I assume that you do not have direct internet access and need to manually download the .deb file of cntlm and transfer it to your machine. So, first, you need to download cntlm from the following address:

The aforementioned package is for Debian 10 (Buster). However, if you are using a different version of Debian or another Linux distribution, you will need to search on Google using a query such as cntlm Fedora 20 to find and download the corresponding .rpm file.

To install the .deb file of cntlm, please use the following command:

$ sudo dpkg -i ./cntlm_0.92.3_amd64.deb

2- Configuration

Configuring cntlm is incredibly easy. You simply need to set the following items in the /etc/cntlm.conf file:

Username your.username
Domain your-company-domain.com
Password XXXXXXXXX
Proxy cntlm-server.your-company-domain.com:8585
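
The configuration above keeps the domain password in cleartext in /etc/cntlm.conf. The shell function below is an added example, not part of the original article or the cntlm project: it checks a cntlm config for a cleartext Password line, loose file permissions and Gateway yes. PassNTLMv2 and Gateway are cntlm directives that the article does not use, and the sample file is constructed.

```shell
#!/bin/sh
# Added example (not from the original article): audit a cntlm config file.
# Prints one line per finding; returns 0 when clean, 1 on findings, 2 on error.
audit_cntlm_conf() {
    conf=$1
    rc=0
    [ -r "$conf" ] || { echo "ERROR: cannot read $conf"; return 2; }

    # A Password directive keeps the domain password in cleartext on disk.
    # 'cntlm -H' prints PassLM/PassNT/PassNTLMv2 lines that can replace it.
    if grep -Eiq '^[[:space:]]*Password[[:space:]]+[^[:space:]#]' "$conf"; then
        echo "FINDING: cleartext Password directive (use PassNTLMv2 from 'cntlm -H')"
        rc=1
    fi

    # The file holds a password or a password-equivalent hash, so only its
    # owner should have any access. Characters 5-10 of 'ls -ld' output are
    # the group and other permission bits.
    perms=$(ls -ld "$conf" | cut -c5-10)
    if [ "$perms" != "------" ]; then
        echo "FINDING: $conf is accessible to group or others (chmod 600)"
        rc=1
    fi

    # 'Gateway yes' makes cntlm accept connections from other hosts, which
    # lets them browse through the upstream proxy with your credentials.
    if grep -Eiq '^[[:space:]]*Gateway[[:space:]]+yes' "$conf"; then
        echo "FINDING: Gateway yes exposes the proxy beyond localhost"
        rc=1
    fi
    return "$rc"
}

# Constructed sample mirroring the article's configuration.
sample=$(mktemp)
cat > "$sample" <<'EOF'
Username your.username
Domain your-company-domain.com
Password XXXXXXXXX
Proxy cntlm-server.your-company-domain.com:8585
EOF
chmod 644 "$sample"
audit_cntlm_conf "$sample" || true
rm -f "$sample"
```
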

Sometimes, you may encounter DNS resolution issues with your private network domain names. In such cases, you can modify the /etc/resolv.conf file and include the following content (be sure to replace 192.168.1.1 with the private network DNS server address provided by your company):

nameserver 192.168.1.1

3- Running the CNTLM

You can then run cntlm in the background using the following command (it will automatically detach from the terminal):

$ sudo cntlm

By default, cntlm will listen on port 3128 as an HTTP proxy. Therefore, you need to configure a proxy on your browser or any other application through which you want to access the internal network of your company. You can set the proxy for terminal usage using the following command:

$ export HTTP_PROXY="http://127.0.0.1:3128"
$ export HTTPS_PROXY="http://127.0.0.1:3128"
$ curl -vvv https://google.com

Feedback

If you have any feedback or suggestions for improving my code, please leave a comment on this post or send me a message on my Linkedin page: https://www.linkedin.com/in/mahdi-mallaki-1aa9b083. I would greatly appreciate your contributions to help make this article better. If you enjoyed this post, be sure to follow me to stay updated on my latest articles.
