Z's Blog

在VPS上部署shadowsocks服务

Posted on In , Views:
Symbols count in article: 3.2k Reading time ≈ 8 mins.

In the past few days, I helped a colleague set up a VPS for proxy use and organized some related materials along the way. This article is not aimed at beginners. Before reading the following content, you should first have a VPS that can access the external network (foreign network), and secondly, you should have some basic knowledge of Linux operations.

I previously wrote a blog post about using Shadowsocks on Linux. If you’re interested, you can check it out here: Using Shadowsocks on Linux

Installing Shadowsocks-Python

Installation Method:

1
2
3
$ wget --no-check-certificate https://raw.githubusercontent.com/teddysun/shadowsocks_install/master/shadowsocks.sh
$ chmod +x shadowsocks.sh
$ ./shadowsocks.sh 2>&1 | tee shadowsocks.log

Uninstallation Method:
Log in as the root user and run the following command:

1
$ ./shadowsocks.sh uninstall

Single User Configuration File Sample:
Configuration file path: /etc/shadowsocks.json

1
2
3
4
5
6
7
8
9
10
{
    "server":"0.0.0.0",
    "server_port":8989,
    "local_address":"127.0.0.1",
    "local_port":1080,
    "password":"yourpassword",
    "timeout":300,
    "method":"aes-256-cfb",
    "fast_open": false
}

Multi-User Multi-Port Configuration File Sample:
Configuration file path: /etc/shadowsocks.json

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
{
    "server":"0.0.0.0",
    "local_address":"127.0.0.1",
    "local_port":1080,
    "port_password":{
         "8989":"password0",
         "9001":"password1",
         "9002":"password2",
         "9003":"password3",
         "9004":"password4"
    },
    "timeout":300,
    "method":"aes-256-cfb",
    "fast_open": false
}

Usage Commands:

1
2
3
4
5
6
7
8
# Start
$ /etc/init.d/shadowsocks start
# Stop
$ /etc/init.d/shadowsocks stop
# Restart
$ /etc/init.d/shadowsocks restart
# Status
$ /etc/init.d/shadowsocks status

Installing libsodium (CHACHA20 Encryption)

chacha20 depends on libsodium. Here’s how to compile and install libsodium:

First, install the dependency gcc and g++:

1
$ sudo apt-get install gcc g++

Download the libsodium source code and compile:

1
2
3
4
5
6
7
8
$ wget https://download.libsodium.org/libsodium/releases/LATEST.tar.gz
$ tar zxf LATEST.tar.gz
$ cd libsodium*
$ ./configure
$ make && make install
 
$ echo /usr/local/lib > /etc/ld.so.conf.d/usr_local_lib.conf
$ ldconfig

After installation, manually edit Shadowsocks configuration file shadowsocks.json to change the method entry to chacha20 to enable it. The configuration file path from the one-click install SS script is /etc/shadowsocks.json.

Modify the result as follows (only change method):

1
2
3
4
5
6
7
8
9
10
{
    "server":"0.0.0.0",
    "server_port":8989,
    "local_address":"127.0.0.1",
    "local_port":1080,
    "password":"yourpassword",
    "timeout":300,
    "method":"chacha20",
    "fast_open": false
}

Installing net-speeder

Installation Steps:
1: Download the source code and unzip

1
2
$ wget https://github.com/snooda/net-speeder/archive/master.zip
$ unzip master.zip

2: Prepare the compilation environment
debian/ubuntu:

1
2
3
4
# Install libnet-dev:
$ apt-get install libnet1-dev
# Install libpcap-dev:
$ apt-get install libpcap0.8-dev

centos:

1
2
3
4
5
6
7
# Download epel: https://fedoraproject.org/wiki/EPEL/zh-cn. For example, 64-bit CentOS6:
$ wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
# (If it’s centos5, go to epel/5/)
# Install epel:
$ rpm -ivh epel-release-6-8.noarch.rpm
# Then you can use yum to install:
$ yum install libnet libpcap libnet-devel libpcap-devel

Compile:

Compile using the Linux Cooked interface (venetX, OpenVZ):

1
$ sh build.sh -DCOOKED

Compile using a regular network card (Xen, KVM, physical machine):

1
$ sh build.sh

Usage (needs to be started with root permissions):

1
$ nohup net_speeder venet0 "ip" >/dev/null 2>&1 &

Using finalspeed for acceleration

2017.07.20 19:54 Note: I have discontinued the use of finalspeed and recommend using锐速 or bbr.

One-click installation code:

1
$ wget -N --no-check-certificate https://raw.githubusercontent.com/91yun/finalspeed/master/install_fs.sh && bash install_fs.sh

One-click uninstallation code:

1
$ wget -N --no-check-certificate https://raw.githubusercontent.com/91yun/finalspeed/master/install_fs.sh && bash install_fs.sh uninstall

finalspeed operational commands

1
2
3
4
5
6
# Start
$ /etc/init.d/finalspeed start
# Stop command
$ /etc/init.d/finalspeed stop
# Status command (view logs)
$ /etc/init.d/finalspeed status

finalspeed installation path

Installation path: /fs/
Log path: /fs/server.log

finalspeed usage method

Assume the server IP is 10.10.10.10, finalspeed port is the default 150, and SS server port is 898. The prerequisite for acceleration is that the SS server is running properly, and the SS client can also log in normally.

1. Run the FinalSpeed client and enter your server IP

2. Click Add - Increase acceleration port, the acceleration port is the SS server port 8989. If it is another port, please modify accordingly. The local port can be arbitrary; here it is 2000.

3. Open the SS client to add the server, server IP is 127.0.0.1, server port is the corresponding local port of the acceleration port, here it is 2000, then set your SS password and encryption method.

5. Confirm and save, choose to use the just added server, and set the browser proxy. After successfully connecting, the FinalSpeed status bar will display the prompt “Connected to server successfully.”

Add to VPS startup

Finally, add these services we installed to VPS’s startup so that our SS service will start even after the VPS restarts.

Add the following lines of code to /etc/rc.local:

1
2
3
4
nohup /etc/init.d/shadowsocks start >/dev/null 2>&1 &
# Note: To set net-speeder to start at boot, write the absolute path (e.g., /etc/net_speeder)
nohup /etc/net_speeder venet0 "ip" >/dev/null 2>&1 &
nohup /etc/init.d/finalspeed start >/dev/null 2>&1 &

Finally, enter the following commands to check the status of the programs:

1
2
3
$ /etc/init.d/shadowsocks status
$ /etc/init.d/finalspeed status
$ ps

As shown below, running this way is OK.

References

The addresses of the tools mentioned in the article:

  1. shadowsocket
  2. net-speeder
  3. libsodium
  4. finalSpeed

Reference articles:

One-click installation script for Shadowsocks Python version
One-click installation script for shadowsocks-libev on Debian
ShadowsocksR Server Installation Tutorial

One-click installation package for finalspeed
Dual-speed FinalSpeed client download and tutorial, a boon for Openvz

Building Shadowsocks on Bandwagonhost and optimizing speed
Optimizing single-thread download speed on high-latency unstable links with net-speeder

The article is finished. If you have any questions, please comment and communicate.

Scan the QR code on WeChat and follow me.

Title:在VPS上部署shadowsocks服务
Author:LIPENGZHA
Publish Date:2016/07/27 20:34
World Count:3.2k Words
Link:https://en.imzlp.com/posts/31145/
License: CC BY-NC-SA 4.0
Reprinting of the full article is prohibited.
Your donation will encourage me to keep creating!