This post is written as a basic guide to install and setup shadowsocks server on Red Hat Enterprise Linux (or its clones such as CentOS).
shadowsocks-libev is chosen as the shadowsocks port (implementation) for this guide.
Shadowsocks is a beloved lightweight secure proxy procotol that can help you bypass firewalls. It's incredibly flexible and easy to deploy, setup, or even implement it from scratch. Shadowsocks runs on Windows, Mac, Linux, FreeBSD, Android, iOS and more! It runs on x86, ARM, MIPS and more, from PCs to routers!
The project is open-sourced and hosted on GitHub. Different implementations (shadowsocks port) have different licenses though, their features may vary, especially for non-essential features.
You don't need to compile source code yourself. Instead, the recommended way is to install from Copr repository.
- Download repo from Shadowsocks Copr.
- Put repo file into
sudo yum updateand
sudo yum install shadowsocks-libevin terminal.
Open the configuration file
/etc/shadowsocks-libev/config.json (You'll need root priviledge for this). An example configuration is pasted below:
- server: Server listening address
- server_port: Server listening port
- local_port: Local listening port (ignored by server)
- password: Password used for encryption
- timeout: Maximum idle time for a TCP connection
- method: Encryption method
- auth: Using one-time authentication
- For RHEL 6, execute
sudo service shadowsocks-libev startto start.
- For RHEL 7 or Fedora, execute
sudo systemctl start shadowsocks-libevto start.
There are a lot of shadowsocks clients available on all major platforms. The client's configuration should be the same as server's. Well, the server IP is the server's public IP instead of
You must understand the client is effectively a local SOCKS5 proxy server that forwards data to remote shadowsocks server. In order to complete the proxy channel, you need to set applications' SOCKS5 proxy server to the client's address and port.
A good news is on Android platform, shadowsocks client is more or less like a VPN (easier to setup for tech noobs). You can set it proxy the whole handset, or just proxy certain apps.
Don't want to type that loooong and full-of-symbols password? Check the Quick Guide to use QR Code to share your configuration (Note: One-time authentication option is not included in QR Code).