CentOS7 下安装配置 shadowsocks

Shadowsocks则是当前比较受欢迎的科学上网工具,本文介绍了如何使用Systemd作为开启启动脚本的管理工具,在 CentOS 7 下安装和配置 Shadowsocks 服务。

安装pip

pip是 python 的包管理工具。在本文中将使用 python 版本的 shadowsocks,此版本的 shadowsocks 已发布到 pip 上,因此我们需要通过 pip 命令来安装。

在控制台中执行以下命令安装pip

curl "https://bootstrap.pypa.io/get-pip.py" -o "get-pip.py"
python get-pip.py

 

安装配置 shadowsocks

在控制台执行以下命令安装 shadowsocks

pip install --upgrade pip
pip install shadowsocks

创建配置文件 vi /etc/shadowsocks.json 并输入内容如下:

{
  "server": "0.0.0.0",
  "server_port": 443,
  "local_address": "127.0.0.1",
  "local_port":1080,
  "password": "mima",
  "timeout":300,
  "method": "aes-256-cfb",
  "fast_open": false
}

method 为加密方法,可选aes-128-cfb, aes-192-cfb, aes-256-cfb, bf-cfb, cast5-cfb, des-cfb, rc4-md5, chacha20, salsa20, rc4, table
server_port 为服务监听端口(可以使用443等常见端口防止被屏蔽)
password 为密码

如果想多端口,可以创建配置文件如下:

{
  "server":"0.0.0.0",
  "local_address": "127.0.0.1",
  "local_port":1080,
  "port_password":{
    "8381": "D77b73E578",
    "8382": "53AFf96aEf",
    "8383": "6E18a11eA2",
    "8384": "OTU0OWQ2Nz"
  },
  "timeout":300,
  "method":"aes-256-cfb",
  "fast_open": false
}

启动或停止 shadowsocks 服务

#启动
ssserver -c /etc/shadowsocks.json -d start
#停止
ssserver -c /etc/shadowsocks.json -d stop

 

CentOS 7默认使用的是firewall作为防火墙,输入以下指令放行ss端口

firewall-cmd --permanent --add-port=443/tcp
firewall-cmd --reload

 

配置开机启动脚本

创建启动脚本文件 vi /etc/systemd/system/shadowsocks.service 并输入内容如下:

[Unit]
Description=Shadowsocks

[Service]
TimeoutStartSec=0
ExecStart=/usr/bin/ssserver -c /etc/shadowsocks.json

[Install]
WantedBy=multi-user.target

启动 shadowsocks 服务

systemctl enable shadowsocks
systemctl start shadowsocks

 

附:一键安装脚本

chmod +x 修改权限后执行

#!/bin/bash
# Install Shadowsocks on CentOS 7

echo "Installing Shadowsocks..."

random-string()
{
    cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w ${1:-32} | head -n 1
}

CONFIG_FILE=/etc/shadowsocks.json
SERVICE_FILE=/etc/systemd/system/shadowsocks.service
SS_PASSWORD=$(random-string 32)
SS_PORT=8388
SS_METHOD=aes-256-cfb
SS_IP=`ip route get 1 | awk '{print $NF;exit}'`
GET_PIP_FILE=/tmp/get-pip.py

# install pip
curl "https://bootstrap.pypa.io/get-pip.py" -o "${GET_PIP_FILE}"
python ${GET_PIP_FILE}

# install shadowsocks
pip install --upgrade pip
pip install shadowsocks

# create shadowsocls config
cat <<EOF | sudo tee ${CONFIG_FILE}
{
  "server": "0.0.0.0",
  "server_port": ${SS_PORT},
  "password": "${SS_PASSWORD}",
  "method": "${SS_METHOD}"
}
EOF

# create service
cat <<EOF | sudo tee ${SERVICE_FILE}
[Unit]
Description=Shadowsocks

[Service]
TimeoutStartSec=0
ExecStart=/usr/bin/ssserver -c ${CONFIG_FILE}

[Install]
WantedBy=multi-user.target
EOF

# start service
systemctl enable shadowsocks
systemctl start shadowsocks

# view service status
sleep 5
systemctl status shadowsocks -l

echo "================================"
echo ""
echo "Congratulations! Shadowsocks has been installed on your system."
echo "You shadowsocks connection info:"
echo "--------------------------------"
echo "server:      ${SS_IP}"
echo "server_port: ${SS_PORT}"
echo "password:    ${SS_PASSWORD}"
echo "method:      ${SS_METHOD}"
echo "--------------------------------"