It's possible to install ss-server
by apt
:
apt-get install shadowsocks-libev
by pip
:
pip install shadowsocks
or build it from source:
sudo apt update
sudo apt intall gettext build-essential autoconf libtool libpcre3-dev asciidoc xmlto libev-dev libudns-dev automake libmbedtls-dev libsodium-dev git python-m2crypto libc-ares-dev
git clone https://github.com/shadowsocks/shadowsocks-libev.git
cd shadowsocks-libev
git submodule update --init --recursive
./autogen.sh
./configure
make
make install
First, we create a new system user for shadowsocks:
adduser --system --no-create-home --group shadowsocks
Then we create a folder for shadowsocks cofigurations, and add configuration file to it.
mkdir -m 755 /etc/shadowsocks
touch /etc/shadowsocks/shadowsocks.json
Then we add contents to shadowsocks.json we just created.
{
"server":"192.0.0.1",
"server_port":8388,
"password":"mypassword",
"timeout":300,
"method":"aes-256-gcm",
"fast_open": true
}
The datails about this json file can be found here in shadowsocks' wiki and here. As mentioned here, local_address
and local_prot
should not be appeared in server-side config file.
You may want to apply some changes to /etc/sysctl.d/local.conf
and run sysctl --system
too. See here.
We should open TCP connection to port specified in config file, 8388 in this example.
iptables -4 -A INPUT -p tcp --dport 8388 -m comment --comment "Shadowsocks server listen port" -j ACCEPT
ufw allow proto tcp to 0.0.0.0/0 port 8388 comment "Shadowsocks server listen port"
You should be able to run ss-server like this:
ss-server -c /etc/shadowsocks/shadowsocks.json -a shadowsocks -v start
To make system daemon, we should create /etc/systemd/system/shadowsocks.service
with these contents:
[Unit]
Description=Shadowsocks proxy server
[Service]
User=root
Group=root
Type=simple
ExecStart=/usr/local/bin/ss-server -c /etc/shadowsocks/shadowsocks.json -a shadowsocks start
ExecStop=/usr/local/bin/ss-server -c /etc/shadowsocks/shadowsocks.json -a shadowsocks -v stop
[Install]
WantedBy=multi-user.target
And run:
systemctl daemon-reload
systemctl start shadowsocks
And if everything is OK, to make OS run service daemon automatically:
systemctl enable shadowsocks
To connecent to server, download the appropriate client app from shadowsocks website and configure it based on shadowsocks.json you have created.
To run client on termianl, after installing shadowsocks
or shadowsocks-libev
, you should be able to run sslocal
with an appropriate config file like this, as mentioned here:
sslocal -c shadowsocks.json
Or:
sslocal -c shadowsocks.json -d start
Config file shadowsocks.json should be like this:
{
"server":"my_server_ip",
"server_port":8388,
"local_address": "127.0.0.1",
"local_port":1080,
"password":"mypassword",
"timeout":300,
"method":"aes-256-cfb",
"fast_open": false
}
After that, you can connect to socks5://127.0.0.1:1080
or tunnel all system's traffic throw it.
In terminal, can can use:
export http_proxy=socks5://127.0.0.1:1080
export https_proxy=socks5://127.0.0.1:1080