4

I am behind a proxy server and need to specify authentication parameters to access the internet. For this, I have exported my username, password, host and port_no in my /home/$USER/.bashrc file and in /etc/apt/apt.conf file, which are human readable.
For example:

Acquire::http::proxy "http://<username>:<password>@172.16.0.2:8080";
Acquire::ftp::proxy "ftp://<username>:<password>@172.16.0.2:8080/";
Acquire::https::proxy "https://<username>:<password>@172.16.0.2:8080/";

This causes my password to be openly visible to anyone who has read access to these files.

Is there a secure way of passing these parameters to the applications that need proxy authentication parameters without having to write in such human readable form?

Note: It would be good to know of permanent methods. I know I can do this temporarily by exporting each time I open a new session. But I will have to do this every time I open a new session, which I want to avoid.

jobin
  • 28,567

1 Answer

0

Sorry for writing a long answer, but apt.conf is a very sensitive issue of the system. So it is necessary to clear all the aspects.

As far as I know ~/.bashrc and /etc/apt/apt.conf accept your proxy settings only if they are given in human-readable form; at most you can force them to read from different files. I am going to exploit this. I will keep the proxy credentials in files that are not accessible to anyone but root/sudoer user. But one has to unveil the proxy settings to apt-get and/or software-center before using them every time.

Secure way to supply proxy to shell environment

Cut all the contents that you put into your ~/.bashrc in order to supply proxy settings in shell environment and paste to a file say ~/.mybashproxy. Change ~/.mybashproxy ownership to root and strip off the read write permission for group and other, so that only sudoers can access them.

sudo chown root:root ~/.mybashproxy
sudo chmod go-rw ~/.mybashproxy

Make the following alias in ~/.bashrc or in ~/.bash_aliases, I would prefer to use the latter.

# Read the root-owned file through sudo and source it directly: absolute path, no temporary copy left on disk
alias begin_proxy='source <(sudo cat ~/.mybashproxy)'

Usage

You have to enable proxy in your shell environment by begin_proxy command from terminal providing your sudo password. In this way nobody will know your proxy credentials. But after using begin_proxy if you allow someone to access the same terminal, he might be able to see your credentials using env | grep proxy command in terminal. To be secure do not allow anyone to use the same terminal where you used begin_proxy.

Secure way to supply proxy to apt-get

apt-get and software-center use the file /etc/apt.conf to preserve proxy settings. Create a file /etc/apt/myproxy.txt and put the content of your /etc/apt/apt.conf in it from terminal by opening it as,

sudo gedit /etc/apt/myproxy.txt

Next, copy the desired content and save the file. Remove read write permission of /etc/apt/myproxy.txt for group and other as shown above using chmod.

Create a temporary file named say tmproxy.txt at /etc/apt/ and give read-write permission for all to it as follows,

sudo touch /etc/apt/tmproxy.txt
sudo chmod go+rw /etc/apt/tmproxy.txt

I am going to supply proxy settings to apt-get and software-center from it when necessary. Add the following line in /etc/apt/apt.conf to read proxy settings from /etc/apt/tmproxy.txt.

#include /etc/apt/tmproxy.txt;

Except for the above line, /etc/apt/apt.conf should contain nothing. Now create the following aliases in ~/.bash_aliases

alias able_apt='sudo cat /etc/apt/myproxy.txt > /etc/apt/tmproxy.txt'
alias disable_apt='echo "0;" > /etc/apt/tmproxy.txt'

Usage

Before using apt-get and/or software-center you have to use the command able_apt providing your sudo password. Then all your proxy credentials will be stored in /etc/apt/tmproxy.txt and apt-get and/or software-center will be able to use it. After closing software-center or after using apt-get, to wipe out proxy credentials from /etc/apt/tmproxy.txt, use command disable_apt. In this process also no one could see your proxy credentials unless you leave them in /etc/apt/tmproxy.txt by forgetting to use disable_apt.

Notes and Summary

  1. In the alias disable_apt the semicolon (;) after zero is important, otherwise you will get the error "Extra junk at end of file". A red error icon can also appear on the top right panel.
  2. If you don't have ~/.bash_aliases, create one. And source ~/.bashrc after making sure that ~/.bashrc contains the following lines,

     if [ -f ~/.bash_aliases ]; then
         . ~/.bash_aliases
     fi

  3. Immediately after doing the above settings to enable aliases either you have to logout and login once or you can use source ~/.bash_aliases in terminal.
  4. At the end of the story you have three aliases to use:

    • begin_proxy - to start proxy in shell environment. Lasts as long as the terminal is open.
    • able_apt - to enable apt-get and/or software-center and to store proxy credentials in /etc/apt/tmproxy.txt
    • disable_apt - to disable apt-get and/or software-center and to wipe out proxy credentials from /etc/apt/tmproxy.txt

Hope this will be helpful.

sourav c.
  • 46,120
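
A check for the situation the answer warns about (credentials left behind in /etc/apt/tmproxy.txt, or still sitting in a readable ~/.bashrc or apt.conf), as an added example that is not part of the original answer. The function names are hypothetical and GNU stat is assumed.

```shell
#!/bin/sh
# Added example (not from the answer): report files that contain a proxy URL
# with embedded credentials and are readable by group or other.
# Assumes GNU stat (stat -c '%a'), as shipped on Ubuntu.

# Succeeds if the file contains scheme://user:password@ in a proxy URL.
has_proxy_creds() {
    grep -Eq '(https?|ftp)://[^/@:[:space:]"]+:[^/@[:space:]"]+@' "$1" 2>/dev/null
}

# Prints one line per exposed file; the return status is the number of findings.
audit_proxy_files() {
    apf_findings=0
    for apf_file in "$@"; do
        [ -f "$apf_file" ] || continue
        has_proxy_creds "$apf_file" || continue
        apf_mode=$(stat -c '%a' "$apf_file")
        # Pad so the last two characters are always the group and other digits.
        apf_padded="00$apf_mode"
        apf_go=${apf_padded#"${apf_padded%??}"}
        case "$apf_go" in
            [0-3][0-3]) ;;   # digits 0-3 have no read bit (4) set
            *)
                echo "EXPOSED: $apf_file (mode $apf_mode) is readable by group/other"
                apf_findings=$((apf_findings + 1))
                ;;
        esac
    done
    return "$apf_findings"
}

# Run against the files named on the command line, for example:
#   sh audit.sh ~/.bashrc ~/.mybashproxy /etc/apt/apt.conf /etc/apt/tmproxy.txt
if [ "$#" -gt 0 ]; then
    audit_proxy_files "$@"
fi
```

Run it under sudo so that root-owned files the current user cannot read are inspected as well.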