Shadowsocks安装与配置

来自linux中国网wiki
跳到导航 跳到搜索

介绍

Shadowsocks(中文名称:影梭)是使用Python、C++、C#等语言开发、基于Apache许可证的开放源代码软件,用于保护网络流量、加密数据传输。Shadowsocks使用Socks5代理方式。

服务器端

docker

docker pull shadowsocks/shadowsocks-libev
docker run -e PASSWORD=<password> -p<server-port>:8388 -p<server-port>:8388/udp -d shadowsocks/shadowsocks-libev

#eg 注意命令后面的8388是不可以改的哦 看官方格式 -p hostPort:containerPort
docker run -e PASSWORD=la224088888 -p 8388:8388 -p 8388:8388/udp -d shadowsocks/shadowsocks-libev

#在运行docker容器时可以加如下参数来保证每次docker服务重启后容器也自动重启:
$docker run --restart=always
#如果已经启动了则可以使用如下命令:
$docker update --restart=always <CONTAINER ID>


# on ec2  小记 记得在公司时安装后连接不成功 现在又成功了呀 怪事  第二个端口不能变  还有godaddy 两个相同的ss A 也没错,当成 负载了么 哈哈
#昨天连不上服务器 今天直接停止 再重启 就好了,不过ip变了  2019年 02月 19日

More information about the image can be found here.

freebsd

pkg install shadowsocks-libev
#or 
cd /usr/ports/net/shadowsocks-libev
make install

Edit your config.json file. By default, it's located in /usr/local/etc/shadowsocks-libev
To enable shadowsocks-libev, add the following rc variable to your /etc/rc.conf file:
[email protected]:~ # cat /usr/local/etc/shadowsocks-libev/config.json
{
    "server":"18.17.120.15",
    "server_port":8888,
    "local_port":1080,
    "password":"barfoo!",
    "timeout":60,
    "method":"aes-256-cfb", #加密方法,推荐用 “aes-256-cfb”
    #"method":null
}


shadowsocks_libev_enable="YES"
Start the Shadowsocks server:

service shadowsocks_libev start
service shadowsocks_libev restart

netstat -l4s

centos

cd /etc/yum.repos.d/
wget -c https://copr.fedorainfracloud.org/coprs/librehat/shadowsocks/repo/epel-6/librehat-shadowsocks-epel-6.repo

su -c 'yum update'
su -c 'yum install shadowsocks-libev'

##配置
vi /etc/shadowsocks-libev/config.json #编辑,添加以下内容

{
    "server":"36.63.38.02",
    "server_port":8888,
    "local_port":1080,
    "password":"love",
    "timeout":60,
    "method":"aes-256-cfb",
}

debian 9

For Debian 9 (Stretch) users, please install it from stretch-backports: We strongly encourage you to install shadowsocks-libev from stretch-backports. For more info about backports, you can refer Debian Backports.

sudo sh -c 'printf "deb http://deb.debian.org/debian stretch-backports main" > /etc/apt/sources.list.d/stretch-backports.list'
sudo apt update
sudo apt -t stretch-backports install shadowsocks-libev

Configure and start the service

# Edit the configuration file
sudo vim /etc/shadowsocks-libev/config.json

# Edit the default configuration for debian
sudo vim /etc/default/shadowsocks-libev

# Start the service
sudo /etc/init.d/shadowsocks-libev start    # for sysvinit, or
sudo systemctl start shadowsocks-libev      # for systemd


sudo update-rc.d shadowsocks-libev default

安装文档

源码编译安装

yum install wget curl curl-devel zlib-devel openssl-devel perl perl-devel cpio expat-devel gettext-devel git -y
git clone git clone https://github.com/shadowsocks/shadowsocks.git
# configure: error: Cannot find `asciidoc` in PATH. 
#you must install asciidoc, or you will have to "--disable-documentation"
yum -y  install asciidoc xmlto
git clone https://github.com/shadowsocks/shadowsocks-libev.git
#git clone https://github.com/madeye/shadowsocks-libev.git #克隆到本地
cd shadowsocks-libev 
./configure 
make -j3  && make install

#nohup /usr/local/bin/ss-server -s x.x.x.x -p 8000 -k 密码 -m aes-256-cfb &
mkdir /etc/shadowsocks-libev #创建配置文件存放目录

vi /etc/shadowsocks-libev/config.json #编辑,添加以下内容
{
"server":"12.12.1.2.12", #服务端监听的IP地址
"server_port":8888, #服务端端口
"local_address":"127.0.0.1", #本地监听的IP地址
"local_port":1080, #本地端端口
"password":"123456", #用来加密的密码
"timeout":60, #超时时间(秒)
"method":"aes-256-cfb", #加密方法,推荐用 “aes-256-cfb”
}

设置shadowsocks-libev服务端开机启动

vi /etc/init.d/ss-server #编辑,添加以下代码
#!/bin/bash
# Run level information:
# chkconfig: 2345 77 88
# Description: lightweight secured socks5 proxy
# processname: ss-server
# Paths and variables and system checks.
# Source function library
. /etc/rc.d/init.d/functions

# Check that networking is up.
#
[ ${NETWORKING} ="yes" ] || exit 0
# Daemon
NAME=shadowsocks-server
DAEMON=/usr/local/bin/ss-server
# Path to the configuration file.
#
CONF=/etc/shadowsocks-libev/config.json
#USER="nobody"
#GROUP="nobody"
# Take care of pidfile permissions
mkdir /var/run/$NAME 2>/dev/null || true
#chown "$USER:$GROUP" /var/run/$NAME
# Check the configuration file exists.
#
if [ ! -f $CONF ] ; then
echo "The configuration file cannot be found!"
exit 0
fi
# Path to the lock file.
#
LOCK_FILE=/var/lock/subsys/shadowsocks
# Path to the pid file.
#
PID=/var/run/$NAME/pid
#====================================================================
#====================================================================
# Run controls:
RETVAL=0
# Start shadowsocks as daemon.
#
start() {
if [ -f $LOCK_FILE ]; then
echo "$NAME is already running!"
exit 0
else
echo -n $"Starting ${NAME}: "
#daemon --check $DAEMON --user $USER "$DAEMON -f $PID -c $CONF > /dev/null"
daemon $DAEMON -u -c $CONF -f $PID
fi
RETVAL=$?
[ $RETVAL -eq 0 ] && success
echo
[ $RETVAL -eq 0 ] && touch $LOCK_FILE
return $RETVAL
}
# Stop shadowsocks.
#
stop() {
echo -n $"Shutting down ${NAME}: "
killproc -p ${PID}
RETVAL=$?
[ $RETVAL -eq 0 ]
rm -f $LOCK_FILE
rm -f ${PID}
echo
return $RETVAL
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
stop
start
;;
condrestart)
if [ -f $LOCK_FILE ]; then
stop
start
RETVAL=$?
fi
;;
status)
status $DAEMON
RETVAL=$?
;;
*)
echo $"Usage: $0 {start|stop|restart|condrestart|status}"
RETVAL=1
esac
exit $RETVAL

chmod +x /etc/init.d/ss-server #添加脚本执行权限
chkconfig --add ss-server #添加到开机启动
chkconfig ss-server on #设置开机启动

启动:/etc/init.d/ss-server start
停止:/etc/init.d/ss-server stop
重启:/etc/init.d/ss-server restart
查看状态:/etc/init.d/ss-server status

client

pc

有GUI界面的教程 通过shadowsocks翻墙

ss-local建议用这个作为client

#on my pc 
pip install shadowsocks #apt-get install shadowsocks-libev
ss-local -s 45.77.26.30 -p 8080 -k "881" -l 7070 -t 600 -m aes-256-cfb

加在我的脚本上
#!/bin/bash
# */1 * * * * /home/evan/tunnel
#CPID=$$   #$$ 是脚本运行的当前进程ID号
RUN="`ps -ef | grep "$0" | grep -v "grep" | grep -v "$CPID" | wc -l`"  #$0 是脚本本身的名字
[ "$RUN" -gt 2 ] && exit
sleep 4

ss-local -s 15.57.86.70 -p 8080 -k "123456" -l 7070 -t 600 -m aes-256-cfb
sleep 6



运行 ss-local 启动客户端;若需指定配置文件的位置:

# sslocal -c /etc/shadowsocks/config.json

# sslocal -s 服务器地址 -p 服务器端口 -l 本地端端口 -k 密码 -m 加密方法

配合nohup和&可以使之后台运行,关闭终端也不影响:

#nohup sslocal -s 服务器地址 -p 服务器端口 -l 本地端端口 -k 密码 -m 加密方法 &

增加 -v 参数获取详细log信息 

以守护进程形式运行客户端
注意: shadowsocks和shadowsocks-libev的systemd 系统单元使用相同的配置文件路径 (/etc/shadowsocks)
Shadowsocks的systemd服务可在/etc/shadowsocks/里调用不同的conf-file.json(以conf-file为区分标志),例: 在/etc/shadowsocks/中创建了foo.json配置文件,那么执行以下语句就可以调用该配置:
# systemctl start [email protected]
若需开机自启动:
# systemctl enable [email protected]
提示: 可用journalctl -u [email protected]来查询日志;



sudo apt-get update比如 sslocal -s 11.22.33.44 -p 50003 -k "123456" -l 1080 -t 600 -m aes-256-cfb
-s表示服务IP, -p指的是服务端的端口,-l是本地端口默认是1080, -k 是密码(要加""), -t超时默认300,-m是加密方法默认aes-256-cfb,

sudo apt-get install python-pip
sudo apt-get install python-setuptools m2crypto

pip install shadowsocks
#apt-get install shadowsocks-libev

#nohup sslocal -s 服务器地址 -p 服务器端口 -l 本地端端口 -k 密码  -m 加密方法 &
sslocal -s  138.197.220.125 -p 8388 -l 1088 -k "evan2240881" -t 600 -m aes-256-cfb

比如 sslocal -s 11.22.33.44 -p 50003 -k "123456" -l 1080 -t 600 -m aes-256-cfb

-s表示服务IP, -p指的是服务端的端口,-l是本地端口默认是1080, -k 是密码(要加""), -t超时默认300,-m是加密方法默认aes-256-cfb,

cat  /etc/shadowsocks-libev/config.json

https://shadowsocks.org/en/download/clients.html

ssh tunnel

ssh tunnel 是比较具有代表性的防窃听通讯隧道,通过 ssh 与境外服务器建立一条加密通道,此时的通讯 GFW 会将其视作普通的连接。由于大家都这么玩,GFW 着急了,于是它通过各种流量特征分析,渐渐的能够识别哪些连接是 ssh 隧道,并尝试性的对隧道做干扰,结果还是玩不过 GFW,众多隧道纷纷不通。怪不得近来用起来老是被断开

android

下载好apk文件(现在得提前下载 哥已保存好一份在手机和电脑上)

或者官网下载apk 建议用 universal这个通用版本

https://github.com/shadowsocks/shadowsocks-android/releases


为了方便我推荐直接用sslcoal -c 配置文件路径 这样的方式,简单好用。 https://aitanlu.com/ubuntu-shadowsocks-ke-hu-duan-pei-zhi.html

linux配置shadowsocks客户端 https://my.oschina.net/u/1432769/blog/619651

各种系统下Shadowsocks客户端的安装与配置 http://www.jeyzhang.com/how-to-install-and-setup-shadowsocks-client-in-different-os.html

注: 20170213 client sslocal 命令不成功

cloud.google

在google cloud上要注意一下  

要配置为静态ip   新开8080端口是不行的 就算是开了防火墙

配置 建议用内网IP 或者 0.0.0.0

用Google Cloud Platform搭建Shadowsocks服务教程

拥有一架 Google 的小飞机是一种怎样的体验

trouble

Connection reset by peer 的解决伟大的国家防火墙

see also

V2ray


Ubuntu利用shadowsocks和polipo终端翻墙

shadowsocks(ss) + polipo 实现命令行的全局翻墙代理

CentOS安装shadowsocks-libev


https://zh.wikipedia.org/wiki/Shadowsocks

官方安装文档 https://shadowsocks.org/en/download/servers.html

shadowsocks – libev 服务端的部署

各种系统下Shadowsocks客户端的安装与配置 使用“影梭”,为你的iOS设备实现全局代理

Vultr(VPS)搭建SS服务器图文指导教程 最新完整版


各种系统下Shadowsocks客户端的安装与配置 写给非专业人士看的 Shadowsocks 简介

https://wiki.archlinux.org/index.php/Shadowsocks_(%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87)#.E5.AE.A2.E6.88.B7.E7.AB.AF

跟 Toy 玩自架服务器:5 分钟搭一架梯子

Shadowsocks 原理简介及安装指南

GUIclient

Debian编译安装shadowsocks-qt5

Kali Linux 下安装 Shadowsocks-qt5 及使用教程

Ubuntu使用Shadowsocks-qt5科学上网