Shadowsocks is an open source socks5 proxy that can be used to bypass firewall and unblock websites. Originally developed by a Chinese called clowwindy on Github, now the application has been implemented in all kinds of programming languages such as C, C++, Go, Python and the like. This Tutorial will guide you through setting up your own Shadowsocks server and how to use it on your desktop computer, android and iOS. I assume you already have access to a VPS or dedicated server.
Shadowsocks VS VPN
As you may already know, you can use VPN (Virtual Private Network) to bypass firewall and protect your anonymity on the web. Do you need another software like shadowsocks to do the same? One thing you can find is that When you are using VPN, all your Internet traffic is routed through VPN. Because VPN servers are usually located outside your country, this can slow down your Internet speed especially when you are visiting websites inside your country.
Shadowsocks comes to the rescue! Besides a global proxy setting, shadowsocks can also be setup in a way that some of your applications go through shadowsocks and other applications go through normal traffic. For example, you can use Google Chrome to bypass firewall, visit Google, Facebook, YouTube and use Firefox to visit sites that isn’t blocked in your area.
By the way, shadowsocks client will automatically reconnect to shadowsocks server if there’s a disconnect. Although you can configure VPN client to do the same, but that will take extra work.
Setting Up Shadowsocks on Your Server
There are many ways to install shadowsocks on Linux server, but I will show you the easiest way.
First install
python pip and then use pip to install shadowsocks. m2crypto will make encryption a little faster
Debian/Ubuntu
sudo apt-get install python-pip python-m2crypto sudo pip install shadowsocks
Create a configuration file:
sudo vi /etc/shadowsocks.json
Put the following text into the file.
{
"server":"your_server_ip",
"server_port":8000,
"local_port":1080,
"password":"your_passwd",
"timeout":600,
"method":"aes-256-cfb"
}
Explanation of each field:
- server: your hostname or server IP (IPv4/IPv6).
- server_port: server port number.
- local_port: local port number.
- password: a password used to encrypt transfer.
- timeout: connections timeout in seconds.
- method: encryption method, “bf-cfb”, “aes-256-cfb”, “des-cfb”, “rc4”, etc. Default is table, which is not secure. “aes-256-cfb” is recommended.
Replace the green text with your info. Save and close the file, then start shadowsocks server.
sudo ssserver -c /etc/shadowsocks.json -d start
To stop shadowsocks server:
sudo ssserver -d stop
Restart Shadowsocks server:
sudo ssserver -c /etc/shadowsocks.json -d restart
Check Shadowsocks log
less /var/log/shadowsocks.log
You may need to allow traffic through your Shadowsocks server port in iptables firewall by running command:
sudo iptables -I INPUT -p tcp --dport 8000 -j ACCEPT
Auto Start on System Boot
If you want shadowsocks server to automatically start on system boot, then edit /etc/rc.local file
sudo vi /etc/rc.local
Add the following line to the file above exit 0 line
/usr/bin/python /usr/local/bin/ssserver -c /etc/shadowsocks.json -d start