centos部署ss

2018-04-26 15:52:32+08:00
CentOS部署
1.安装epel扩展源

yum -y install epel-release 
<div class="highlight"><pre><span></span>## 2. 安装pip环境
</pre></div>
 bash
yum -y install python-pip
<div class="highlight"><pre><span></span>## 3.安装shadowsocks
</pre></div>
 bash
pip install shadowsocks
<div class="highlight"><pre><span></span>## 4.启动shadowsocks: 
4.1方式一：
</pre></div>
 bash
ssserver -p 8388 -k mypassword -m rc4-md5 -d start 
<div class="highlight"><pre><span></span>4.2方式二：
</pre></div>
 bash
vim /etc/shadowsocks.json
<div class="highlight"><pre><span></span>单配置时加入
</pre></div>
 bash
{ 
    "server":"my\_server\_ip",
    "server_port":8388, 
    "local_address":"127.0.0.1",
    "local_port":1080, 
    "password":"mypassword",
    "timeout":300,
    "method":"rc4-md5" 
} 
<div class="highlight"><pre><span></span>多配置时加入
</pre></div>
 bash
{ 
    "server":"my\_server\_ip", 
    "port_password":{ 
        "9001":"pwd001", 
        "9002":"pwd002", 
        "9003":"pwd003" 
    },
    "local_address":"127.0.0.1", 
    "local_port":1080, 
    "timeout":300, 
    "method":"rc4-md5" 
 } 
<div class="highlight"><pre><span></span>加密方式可选择 “bf-cfb”, “aes-256-cfb”, “des-cfb”, “rc4″, 等等。
默认是一种不安全的加密，推荐用 “aes-256-cfb”。
Tips：加密方式推荐使用rc4-md5，因为 RC4 比 AES 速度快好几倍，如果用在路由器上会带来显著性能提升。
旧的 RC4 加密之所以不安全是因为 Shadowsocks 在每个连接上重复使用 key，没有使用 IV。
现在已经重新正确实现，可以放心使用。 
创建完毕后，赋予shadowsocks.json文件权限
</pre></div>
 bash
chmod 755 /etc/shadowsocks.json
ssserver -c /etc/shadowsocks.json -d start
<div class="highlight"><pre><span></span>## 5.配置开机启动
</pre></div>
 bash
chmod +x /etc/rc.local
systemctl enable rc-local.service
vim /etc/rc.local 
<div class="highlight"><pre><span></span>rc.local中加入
</pre></div>
 bash
/usr/bin/ssserver -c /etc/shadowsocks.json -d start
<div class="highlight"><pre><span></span>## 6.开启防火墙 
</pre></div>
 bash
vim /etc/sysconfig/iptables 
<div class="highlight"><pre><span></span>iptables中加入
</pre></div>
 bash
-A INPUT -p tcp -m tcp --dport 9000:9100 -j ACCEPT 
<div class="highlight"><pre><span></span>启动防火墙
</pre></div>

service iptables start 
<div class="highlight"><pre><span></span>## 7.ssr 
安装ssr
</pre></div>
 bash
wget –no-check-certificate https://raw.githubusercontent.com/teddysun/shadowsocks_install/master/shadowsocksR.sh 
chmod +x shadowsocksR.sh 
./shadowsocksR.sh 2>&1 | tee shadowsocksR.log
<div class="highlight"><pre><span></span>卸载ssr
</pre></div>
aidl
./shadowsocksR.sh uninstall
<div class="highlight"><pre><span></span>使用ssr
</pre></div>
aidl
启动：/etc/init.d/shadowsocks start
停止：/etc/init.d/shadowsocks stop
重启：/etc/init.d/shadowsocks restart
状态：/etc/init.d/shadowsocks status
<div class="highlight"><pre><span></span>配置ssr
</pre></div>
aidl
配置文件路径：/etc/shadowsocks.json
日志文件路径：/var/log/shadowsocks.log
代码安装目录：/usr/local/shadowsocks
<div class="highlight"><pre><span></span>多用户配置示例：
</pre></div>
aidl
{
    "server":"0.0.0.0",
    "server_ipv6": "[::]",
    "local_address":"127.0.0.1",
    "local_port":1080,
    "port_password":{
        "8989":"password1",
        "8990":"password2",
        "8991":"password3"
    },
    "timeout":300,
    "method":"aes-256-cfb",
    "protocol": "origin",
    "protocol_param": "",
    "obfs": "plain",
    "obfs_param": "",
    "redirect": "",
    "dns_ipv6": false,
    "fast_open": false,
    "workers": 1
}