I have a cheap VPS in the U.S. running a shadowsocks service. When I first bought the VPS, it was running Debian 7 and the Shadowsocks implementation I picked back then was its Python implementation. I used this combination mostly because I’m familiar with Debian and Python. However, since the VPS only has 64MB memory and limited disk space, the Python implementation wasn’t ideal for my server. Therefore, I deleted the old system and installed CentOS 7 minimal. Also, I picked the libev implementation of Shadowsocks, which is purely written in C for high efficiency and minimal memory footprint. This post documents what I did to setup everything.
Initial system setup
As I had a fresh install of CentOS 7 minimal, I need to configure some basic stuff before I setup Shadowsocks. The first thing I did after I ssh into the server is to change my root password.
$ passwd root
Then I added a normal user for me to login in the future (it’s not a good idea to use root all the time!)
$ adduser <username> # create user
$ passwd <username> # set password for the new user
$ usermod -aG wheel <username> # give root permission
Remember to also install sudo
$ yum install sudo
I disabled root remote login by changing the ssh configuration file /etc/ssh/sshd_config, make sure you have the following setting
PermitRootLogin no
and restart sshd after your edit
$ systemctl restart sshd
Now the server has some basic security settings, I’ll login again using my normal user to setup Shadowsocks.
Setting up libev version of Shadowsocks
Install shadowsocks-libev
The shadowsocks-libev package exist in a 3rd party YUM repo, therefore the repo needs to be added first. Put the following content in
the file /etc/yum.repos.d/shadowsocks.repo (you need to create the file)
[librehat-shadowsocks]
name=Copr repo for shadowsocks owned by librehat
baseurl=https://copr-be.cloud.fedoraproject.org/results/librehat/shadowsocks/epel-7-$basearch/
type=rpm-md
skip_if_unavailable=True
gpgcheck=1
gpgkey=https://copr-be.cloud.fedoraproject.org/results/librehat/shadowsocks/pubkey.gpg
repo_gpgcheck=0
enabled=1
enabled_metadata=1
Update YUM’s package list and install shadowsocks-libev
$ yum check-update
$ yum install -y shadowsocks-libev
Edit the configuration file
The default configuration file for shadowsocks-libev is /etc/shadowsocks-libev/config.json. A sample configuration is already given.
If you want to have a setup with password protection, you can change the configuration file to something like this
{
"server":"<your-server-ip>",
"server_port":<your-port>,
"local_port":1080,
"password":"<your-password>",
"timeout":600,
"method":"rc4-md5"
}
Run shadowsocks in the background
Now Shadowsocks is installed and configured, we need to run shadowsocks as a background process. This is pretty easy with nohup
$ nohup ss-server &
Conclusion
In this post, I included all the steps I took to setup a Shadowsocks service on a fresh installed CentOS 7 minimal. I hope that you find my post useful. You could leave a comment if you run into any issue with the commands I showed above.
comments powered by Disqus