centos部署ss

2018-04-26 15:52:32 字数：763

1.安装epel扩展源

1

yum -y install epel-release

2. 安装pip环境

1

yum -y install python-pip

3.安装shadowsocks

1

pip install shadowsocks

4.启动shadowsocks:

4.1方式一：

1

ssserver -p 8388 -k mypassword -m rc4-md5 -d start

4.2方式二：

1

vim /etc/shadowsocks.json

单配置时加入

1
2
3
4
5
6
7
8
9


{ 
    "server":"my\_server\_ip",
    "server_port":8388, 
    "local_address":"127.0.0.1",
    "local_port":1080, 
    "password":"mypassword",
    "timeout":300,
    "method":"rc4-md5" 
} 

多配置时加入

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12


{ 
    "server":"my\_server\_ip", 
    "port_password":{ 
        "9001":"pwd001", 
        "9002":"pwd002", 
        "9003":"pwd003" 
    },
    "local_address":"127.0.0.1", 
    "local_port":1080, 
    "timeout":300, 
    "method":"rc4-md5" 
 } 

加密方式可选择 “bf-cfb”, “aes-256-cfb”, “des-cfb”, “rc4″, 等等。默认是一种不安全的加密，推荐用 “aes-256-cfb”。 Tips：加密方式推荐使用rc4-md5，因为 RC4 比 AES 速度快好几倍，如果用在路由器上会带来显著性能提升。旧的 RC4 加密之所以不安全是因为 Shadowsocks 在每个连接上重复使用 key，没有使用 IV。现在已经重新正确实现，可以放心使用。创建完毕后，赋予shadowsocks.json文件权限

1
2


chmod 755 /etc/shadowsocks.json
ssserver -c /etc/shadowsocks.json -d start

5.配置开机启动

1
2
3


chmod +x /etc/rc.local
systemctl enable rc-local.service
vim /etc/rc.local 

rc.local中加入

1

/usr/bin/ssserver -c /etc/shadowsocks.json -d start

6.开启防火墙

1

vim /etc/sysconfig/iptables

iptables中加入

1

-A INPUT -p tcp -m tcp --dport 9000:9100 -j ACCEPT

启动防火墙

1

service iptables start

7.ssr

安装ssr

1
2
3


wget –no-check-certificate https://raw.githubusercontent.com/teddysun/shadowsocks_install/master/shadowsocksR.sh 
chmod +x shadowsocksR.sh 
./shadowsocksR.sh 2>&1 | tee shadowsocksR.log

卸载ssr

1

./shadowsocksR.sh uninstall

使用ssr

1
2
3
4


启动：/etc/init.d/shadowsocks start
停止：/etc/init.d/shadowsocks stop
重启：/etc/init.d/shadowsocks restart
状态：/etc/init.d/shadowsocks status

配置ssr

1
2
3


配置文件路径：/etc/shadowsocks.json
日志文件路径：/var/log/shadowsocks.log
代码安装目录：/usr/local/shadowsocks

多用户配置示例：

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21


{
    "server":"0.0.0.0",
    "server_ipv6": "[::]",
    "local_address":"127.0.0.1",
    "local_port":1080,
    "port_password":{
        "8989":"password1",
        "8990":"password2",
        "8991":"password3"
    },
    "timeout":300,
    "method":"aes-256-cfb",
    "protocol": "origin",
    "protocol_param": "",
    "obfs": "plain",
    "obfs_param": "",
    "redirect": "",
    "dns_ipv6": false,
    "fast_open": false,
    "workers": 1
}