Linux安装ss服务端

centos 7

简单快捷,随机生成密码,端口以及加密类型默认。

1
2
3
bash <(curl -s http://morning.work/examples/2015-12/install-SS.sh)
firewall-cmd --zone=public --add-port=8388/tcp --permanent
firewall-cmd --reload

控制方法

1
2
3
4
5
6

systemctl enable SS
systemctl start SS


systemctl status SS -l

脚本内容比较简单,通过二进制文档安装了一个pip,如果已有pip或者对脚本内pip来源不信任可以手动安装,并注释掉安装pip的代码,以下是脚本内容

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67

# install SS on centos 7

echo "installing SS..."

random-string()
{
cat /dev/urandom | tr -dc 'a-za-z0-9' | fold -w ${1:-32} | head -n 1
}

config_file=/etc/SS.json
service_file=/etc/systemd/system/SS.service
ss_password=$(random-string 32)
ss_port=8388
ss_method=aes-256-cfb
ss_ip=`ip route get 1 | awk '{print $nf;exit}'`
get_pip_file=/tmp/get-pip.py

# install pip
curl "https://bootstrap.pypa.io/get-pip.py" -o "${get_pip_file}"
python ${get_pip_file}

# install SS
pip install --upgrade pip
pip install SS

# create shadowsocls config
cat <<eof | sudo tee ${config_file}
{
"server": "0.0.0.0",
"server_port": ${ss_port},
"password": "${ss_password}",
"method": "${ss_method}"
}
eof

# create service
cat <<eof | sudo tee ${service_file}
[unit]
description=SS

[service]
timeoutstartsec=0
execstart=/usr/bin/ssserver -c ${config_file}

[install]
wantedby=multi-user.target
eof

# start service
systemctl enable SS
systemctl start SS

# view service status
sleep 5
systemctl status SS -l

echo "================================"
echo ""
echo "congratulations! SS has been installed on your system."
echo "you SS connection info:"
echo "--------------------------------"
echo "server: ${ss_ip}"
echo "server_port: ${ss_port}"
echo "password: ${ss_password}"
echo "method: ${ss_method}"
echo "--------------------------------"

手动安装

python原版

首先你得有pip

1
2
3
4
5
6
7
8
9
10
11
#debian/ubuntu下:
apt-get install python-pip
pip install SS

#centos下:
yum install python-setuptools && easy_install pip
pip install SS

#手动安装
curl "https://bootstrap.pypa.io/get-pip.py" -o "get-pip.py"
python get-pip.py

通过pip安装ss

1
sudo pip install SS

出错的可以手动下载

1
2
3
4
5
6
#此页面下载
https://pypi.python.org/pypi/SS

#解压安装
tar -zxvf SS-2.8.2.tar.gz
python setup.py install

使用

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
#前台运行
ssserver -p 443 -k password -m aes-256-cfb

#如果要后台运行:
sudo ssserver -p 443 -k password -m aes-256-cfb --user nobody -d start

#如果要停止:
sudo ssserver -d stop

#如果要检查日志:
sudo less /var/log/SS.log

#通过脚本运行
sudo ssserver -c /etc/SS.json -d start

#脚本这么写
{
"server": "0.0.0.0",
"server_port": 443,
"password": "password",
"method": "aes-256-cfb"
}

设置防火墙

1
2
3
4
5
6
7
8
9
10
firewall-cmd --zone=public --add-port=8388/tcp --permanent
firewall-cmd --zone=public --add-port=8388/udp --permanent
firewall-cmd --reload

#或者

iptables -i input -p tcp -m tcp --dport 8388 -j accept
iptables -i input -p udp -m tcp --dport 8388 -j accept
service iptables save
service iptables restart

libev版

大部分发行版已经有libev,直接安装就可以

服务端说明看这里 https://github.com/SS/SS-libev

客户端

1
ss-local -s 服务器地址 -p 服务器端口 -l 本地端端口 -k 密码 -m 加密方法

写json可以直接运行ss-local

1
2
3
4
5
6
7
8
9
10
11
12
#ss-local -c /etc/SS-libev/config.json
{
"server":"remote-SS-server-ip-addr",
"server_port":443,
"local_address":"127.0.0.1",
"local_port":1080,
"password":"your-passwd",
"timeout":300,
"method":"aes-256-cfb",
"fast_open":false,
"workers":1
}

客户端

到我重导入这篇文章的时候,各大发行版默认仓库已经有ss-libev和ss-qt5,现在甚至还有appimage直接打包的qt5版本ss。客户端上自由选择一个就可以。