How to Setup Shadow Socks on Linux

Shadowsocks is a virtual tool that can help people bypass internet censorship to access websites that are blocked in their country. In the recent years, Shadowsocks is getting very popular among Chinese people, as it's very stable and also cheaper than using a VPN.

This tutorial will show you the process for setting up a Shadowsocks server step by step, after followed these steps you can have your own server set up, then download a client app to connect to that server and start using Shadowsocks.
To set up a Shadowsocks server, you must have a basic knowledge of Linux system, which is the system used by servers for running Shadowsocks, you will need to install the Shadowsocks software on the server by using a command line interface and typing a series of Linux commands. If you've never used command line interface before or don't want to use it, you can try to use Shadowsocks with an application called "Outline" instead, it's a GUI software so is much easier to use, you will be able to set up a Shadowsocks server without typing a single command. Check out this guide to learn how to use Outline. Or, simply choose one of the best VPNs to use, that will be much more convenient than using Shadowsocks.

Before we start, we must first acquire a remote server, then we can install Shadowsocks on that server. You can rent a server online from a VPS provider. One of the top VPS providers is DigitalOcean, you can get a server for only $5 per month.
To rent a server from DigitalOcean, first go to the official website of DigitalOcean, and sign up an account there.
After you created your DigitalOcean account, login the account, and you will see a green "Create" button on the top of page, click on it and click "Droplets" in the sub-menu, it will take you to a page for setting up a new server.

Most default settings on this page are fine for using Shadowsocks, you can just skip them, and some options are like "Add Block Storage" and "Select additional options" are not necessary, you can leave them unchecked, there are only two options you need to pay attention for, one is "Choose data center region", it allows you to choose the physical location of the server, you can choose a location that is not far from you, as your Shadowsocks will be faster if the server location is closer.

In this tutorial, we choose San Francisco. The other option you may want to manually set is "Authentication", you can select the option of "SSH keys" or "One-time password", with a SSH key, you can login to your server with a passphrase of the SSH key instead of using password, but for beginners, you can choose "One-time password", it will send you the password via email.

Near the bottom of the page, you can choose a hostname, add tags for your droplet (server), these are not necessary, but help you manage your servers if you create more servers in the future.

And you can assign the server to a project, the purpose is also to make it easier for managing, by default it will assign your droplet to a project named with your username, you can leave it as default. Then the last option is "Add backups", you can check to enable backup for your server or simply skip this.
Then click the "Create Droplet" button at the bottom. It will take a few seconds to have a new server created.
Once it's created, you need to copy the IP of the server, which will be used in the later.

Connect to the Server

Now it's time to connect to the server (the droplet you just created) using SSH, the methods for using SSH are different depending on the operating system of your computer.
If you are a Mac user, you can simply use the system's built-in program Terminal to start an SSH session, without needing to install additional programs.
The command to connect to the server is like the following. Note: Replace "your_server_ip" with the IP of the server you just created.

ssh root@your_server_ip

For Windows users, you need to install an additional program, as Windows doesn't have a built-in program to start an SSH session. The program you need to install is PuTTY, you can download the program from its website.
Either way you used to connect to the server, you will login to the server as "root" and will first be asked to type in the password or SSH key passphrase to login.
Once you are logged in as root, you will be prompted to a line like below.

"root@the-hostname-of-your-server:~#"

Then you can start to type commands after it to begin the process for installing Shadowsocks.

Before installing Shadowsocks, we need to first update and upgrade the server by typing the following command.

apt-get update && apt-get upgrade -y

After the above line is typed into the command line interface, you need to press Enter key to execute it. It will take up to one minute to have the updating and upgrading done.

Install Shadowsocks on the Server

Then we start to install Shadowsocks on our server.

There are a few different versions of Shadowsocks available to choose, the original Shadowsocks is simply called Shadowsocks, it's no longer reliable as its connections has become detectable in China, so servers running original Shadowsocks can be blocked more easily. In this tutorial we are going to install ShadowsocksR, which is a newer version of Shadowsocks, the main difference between it and the original version is that it supports obfuscation, which can make its traffic appear more like normal HTTPS web traffic, thus it can be harder to be detected and is more stable.

There are many ways to install ShadowsocksR, in this tutorial I'm going to install it using a script from GitHub user teddysun, this script greatly simplifies the process for installing Shadowsocks, you will only be required type a few simple commands.

Type the three following commands one by one, do not forget to press enter to execute after each command is typed.

wget --no-check-certificate -O shadowsocks-all.sh https://raw.githubusercontent.com/teddysun/shadowsocks_install/master/shadowsocks-all.sh
chmod +x shadowsocks-all.sh
./shadowsocks-all.sh 2>&1 | tee shadowsocks-all.log

After all three commands are executed, a question will be shown in the command line interface as below.
"Which Shadowsocks server you'd select"

The question is followed by a list of options, each option has a number in the front.
It's asking you about which version of Shadowsocks you want to install. Since we are going to install ShadowsocksR, so we enter the number 2, as it's the corresponding number of ShadowsocksR.

Then it shows "Please enter password for ShadowsocksR", it's asking you to set a password that will be used to connect to the Shadowsocks server, you will input this password to the Shadowsocks client application on your phone or computer in the later. For now, just set a password for yourself, the password can be changed later by editing a JSON file.

Next it will show "Please enter a port for ShadowshocksR [1-65535]", it's asking you to choose a port from the server, you can enter any number under 65535, if you are unsure about which number to choose, simply use 443, as this port accepts simultaneous connections with a same password.

Then it shows "Please select stream cipher for ShadowsocksR", here I choose option 11, which is chacha20-ietf, you can also choose other options, just remember to input the same stream cipher you chose in this step to your Shadowsocks client application in the later.

Then you will see "Please select protocol for ShadowsocksR", it's asking you to select the protocol for your Shadowsocks server, again it's up to you, it's recommended to select "origin" or "auth_sha1_v4_compatible".

Then it comes the last message "Please select obfs for ShadowsocksR", it's asking you to select an obfuscation method, here I select "http_simple_compatible".

All the parameters you selected above can be changed in the later.
Now all the parameters for your Shadowsocks server are selected, the screen will show the following message:

"Press any key to start…or Press Ctrl+C to cancel"

Now you can press the Enter key or any other key to start the installation of ShadowsocksR on your server. It will take about 5 minutes to complete, wait patiently until ShadowsocksR is successfully installed.
Once installed, all the parameters you selected above will be shown in the interface. You can write them down, as these parameters will be needed to input into the client app to make Shadowsocks work on your devices.

Now your Shadowsocks server is already running, then you can download a Shadowsocks client application to your computer or phone to start using Shadowsocks and enjoy the free internet. But before we introduce the client apps, let's see how to change the parameters you selected above, this is important if you ever want to change them for any reason, or accidentally selected a parameter that you didn't mean to select in the above steps.

If you currently don't want to change the parameters, simply skip this step.
We are going to use Nano editor to edit the parameters, first use Nano open the config file of ShadowsocksR.
Type the below command:

nano /etc/shadowsocks-r/config.json

Press Enter and the interface will show the content in the config file, you can start to edit the file and change the parameters in it if you want.
Once you've edited the file, press Ctrl+X to exit the file, if you made changes to the file, it will ask you whether to save the changes, you need to press Y key and press Enter.
Every time you make changes to the config file, you need to restart Shadowsocks program so the changes can take effect.
Use below command to restart Shadowsocks.

/etc/init.d/shadowsocks-r restart

Optimize the Server

Although your Shadowsocks server is already working, you can optimize some settings to make it faster.
To do this, we first install Google BBR.

Install Google BBR

Google BBR is an algorithm used for controlling TCP congestion, it can greatly improve the speed of your Shadowsocks server.

There are many ways to install Google BBR, we are going to install Google BBR with another script from Teddysun by using the command below.

wget --no-check-certificate https://github.com/teddysun/across/raw/master/bbr.sh && chmod +x bbr.sh && ./bbr.sh

After installed, it may ask you to reboot the server if the kernel is incompatible, if that's the case you need to type "reboot" and press enter to exit current session, and reconnect to your server again. If your kernel is compatible, you can just skip to the next step.

Change the Kernel Configuration Settings

Then we will use nano editor to change the kernel configuration settings.
Type and execute the command below:

nano /etc/sysctl.conf

It will show the content in "sysctl.conf" file. And add the following lines to the bottom of the content in the file, right after the line "net.ipv4.tcp_congestion_control = bbr".

fs.file-max = 51200 net.core.rmem_max = 67108864 net.core.wmem_max = 67108864 net.core.netdev_max_backlog = 250000 net.core.somaxconn = 4096 net.ipv4.tcp_syncookies = 1 net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp_tw_recycle = 0 net.ipv4.tcp_fin_timeout = 30 net.ipv4.tcp_keepalive_time = 1200 net.ipv4.ip_local_port_range = 10000 65000 net.ipv4.tcp_max_syn_backlog = 8192 net.ipv4.tcp_max_tw_buckets = 5000 net.ipv4.tcp_fastopen = 3 net.ipv4.tcp_mem = 25600 51200 102400 net.ipv4.tcp_rmem = 4096 87380 67108864 net.ipv4.tcp_wmem = 4096 65536 67108864 net.ipv4.tcp_mtu_probing = 1

Exit and save the file, then enter and execute the following command to apply the changes.

sysctl -p

Now the speed is greatly improved.

Increase the Number of Simultaneous Connections

If you want to share your Shadowsocks server to your friends and family members, you can make the following optimization to increase the number of simultaneous connections to the server.
We are going to edit the "limits.conf" file.
Open the file with nano using the below command.

nano /etc/security/limits.conf

Then add the following lines to the bottom of the file, don't omit "*" symbol in the start of each line, as they are parts of the lines.

* soft nofile 51200 * hard nofile 51200

Exit and save the file. Then we set the ulimit using the command below:

ulimit -n 51200

Now the server has been optimized for handling a large number of simultaneous connections.
If you set the port as 443 in a previous step, other people who you shared the Shadowsocks server with can connect to the same port using the same password as yours.
Now all the hard works for setting up the Shadowsocks server and doing the optimizations are done. Next comes the easy part.

Install and Use Shadowsocks Client App

To use Shadowsocks, you need to install client applications of Shadowsocks on your computer or mobile devices to connect to your Shadowsocks server.
Both original Shadowsocks app and ShadowsocksR app can be used to connect the server. But the original Shadowsocks app is not stable in China.

Below are client applications of ShadowsocksR for different operating systems.

ShadowsocksR for Android

(Above source is for Chinese users who have no Google Play Service on their phones, for others you can directly install the app from Google Play)

ShadowsocksR for Windows

ShadowsocksR for Mac

For iPhone users, there are two apps on App Store you can choose from, one is called Potatso Lite, which is free to use, the other is Shadowrocket, it's a premium app, you need to purchase to use the app, but it's better than Potatso Lite, as some mobile apps like WhatsApp cannot work if you use Potatso Lite on the phone.
For Chinese iPhone users, you have to create a foreign iTunes account to be able to find these two apps on App Store.
The use of Shadowsocks client app is easy, you only need to fill in the parameters you selected (IP, port, password, security (stream cipher), obfs) when you set up the server, and hit the Connect button, your device will be connected to your Shadowsocks server, after that leave the app in the background and you can start enjoying the free internet.

This article is also available in Traditional Chinese.

How to Setup Shadow Socks on Linux

Source: https://thetowerinfo.com/setup-shadowsocks-server/

0 Response to "How to Setup Shadow Socks on Linux"

Post a Comment

Iklan Atas Artikel

Iklan Tengah Artikel 1

Iklan Tengah Artikel 2

Iklan Bawah Artikel