[Shadowsocks] How to install and configure Shadowsocks server

Clara - VPS Hosting Team

Shadowsocks is a lightweight and free SOCKS5 proxy tool designed to bypass network censorship and restrictions. Here’s a guide on how to install and configure it on your server.

Installation

1. Prepare Your System

Begin by updating your system and installing the EPEL release:

yum update -y
yum install epel-release -y
yum install -y gcc gettext autoconf libtool automake make pcre-devel asciidoc xmlto udns-devel libev-devel libsodium-devel mbedtls-devel git m2crypto c-ares-devel

2. Download and Install Shadowsocks

Navigate to the /opt directory, clone the Shadowsocks repository from GitHub, and build it:

cd /opt
git clone https://github.com/shadowsocks/shadowsocks-libev.git
cd shadowsocks-libev
git submodule update --init --recursive

./autogen.sh
./configure
make && make install

Configuring Shadowsocks

1. Create a System User for Shadowsocks

adduser --system --no-create-home -s /bin/false shadowsocks

2. Create the Configuration Directory and File

mkdir -m 755 /etc/shadowsocks
touch /etc/shadowsocks/shadowsocks.json
nano /etc/shadowsocks/shadowsocks.json

Populate the shadowsocks.json file with the following content, adjusting the values as needed:

Configuration Options:

server: Enter your server's public IP address.
server_port: Specify the port number for Shadowsocks proxy.
password: Set a password for connecting to the Shadowsocks server.
timeout: Set the session timeout period in seconds.
method: Choose an encryption method. "aes-256-gcm" is a secure option.
fast_open: Set to true for reduced latency with kernels newer than 3.7.1.(https://www.buycheapvps.com/), it reduces latency when "true". Otherwise, not necessary.

3. Set Up Shadowsocks as a Systemd Service

Create a service file:

touch /etc/systemd/system/shadowsocks.service
nano /etc/systemd/system/shadowsocks.service

Add the following content:

Enable and start the service:

systemctl daemon-reload
systemctl enable shadowsocks
systemctl start shadowsocks

You can also use stop, restart, or status to manage the service.

4. Adjust iptables Settings

Allow traffic through the Shadowsocks port

iptables -4 -A INPUT -p tcp --dport 8388 -m comment --comment "Shadowsocks" -j ACCEPT

5. Connecting to Shadowsocks

To connect to your Shadowsocks server, you’ll need a Shadowsocks client for your device. Download and install the client, then enter the server details from your /etc/shadowsocks/shadowsocks.json file.