How to Install a VPN on Your VPS with Shadowsocks

Shadowsocks is a lightweight and secure proxy tool designed to protect your internet privacy while bypassing censorship. Unlike traditional VPNs, Shadowsocks operates as a SOCKS5 proxy, making it faster and harder to detect. Here’s how to set it up on your VPS to secure your connection.


Why Use Shadowsocks on Your VPS?

  • Lightweight: Minimal resource usage compared to full-fledged VPNs.
  • Faster Connections: Optimized for speed with fewer overheads.
  • Circumvents Censorship: Effective against DPI (Deep Packet Inspection).
  • Secure: Uses robust encryption methods to protect your data.

Prerequisites

  1. VPS: A Linux-based VPS (Ubuntu/Debian/CentOS recommended).
  2. Root Access: Required to install and configure software.
  3. Domain or Public IP: To connect to your VPS.

Step 1: Update Your VPS

Ensure your VPS is up to date to avoid compatibility issues:

 
sudo apt update && sudo apt upgrade -y

Step 2: Install Shadowsocks

You can install Shadowsocks using a pre-built package or set it up manually.

Option 1: Install via Package Manager

On Ubuntu/Debian:

 
sudo apt install shadowsocks-libev -y

On CentOS:

 
sudo yum install epel-release -y sudo yum install shadowsocks-libev -y

Option 2: Install via pip (Python-based Shadowsocks)

Install Python and pip:

 
sudo apt install python3 python3-pip -y

Install Shadowsocks:

 
pip3 install shadowsocks

Step 3: Configure Shadowsocks

Create a configuration file:

 
sudo nano /etc/shadowsocks.json

Add the following configuration:

json
 
{ "server": "0.0.0.0", "server_port": 8388, "local_address": "127.0.0.1", "local_port": 1080, "password": "your_secure_password", "timeout": 300, "method": "aes-256-gcm" }
  • server: Set to 0.0.0.0 to allow external connections.
  • server_port: Port for Shadowsocks to listen on (e.g., 8388).
  • password: A strong password to secure your connection.
  • method: Encryption method (e.g., aes-256-gcm is highly recommended).

Save and exit the file (CTRL + X, then Y, then ENTER).


Step 4: Start Shadowsocks

Run Shadowsocks using the configuration file:

 
ss-server -c /etc/shadowsocks.json -d start

To enable it on system boot, use:

 
sudo systemctl enable shadowsocks-libev sudo systemctl start shadowsocks-libev

Step 5: Configure Firewall

Ensure the port you specified (e.g., 8388) is open:

For ufw (Ubuntu/Debian):

 
sudo ufw allow 8388/tcp sudo ufw allow 8388/udp sudo ufw reload

For firewalld (CentOS):

 
sudo firewall-cmd --permanent --add-port=8388/tcp sudo firewall-cmd --permanent --add-port=8388/udp sudo firewall-cmd --reload

Step 6: Connect to Shadowsocks

Download a Shadowsocks client for your device:

  • Windows: Shadowsocks-Windows
  • Mac: ShadowsocksX-NG
  • Android: Shadowsocks (available on F-Droid or Google Play)
  • iOS: Potatso Lite (from the App Store)

Client Configuration

  1. Open the client and create a new connection.
  2. Enter your VPS details:
    • Server IP: Your VPS’s IP address.
    • Server Port: The port specified in the configuration (8388).
    • Password: The same password in the configuration file.
    • Encryption Method: Match the method (e.g., aes-256-gcm).
  3. Save the configuration and connect.

Optional Enhancements

  1. Enable Obfuscation: Use plugins like v2ray-plugin to make Shadowsocks harder to detect.
    • Install the plugin:
       
      sudo apt install shadowsocks-v2ray-plugin
    • Modify the config to include:
      json
       
      "plugin": "v2ray-plugin", "plugin_opts": "obfs=tls;obfs-host=www.example.com"
  2. Add a Domain: Use a domain name instead of an IP for better usability.
  3. Enable Logging: Track usage or debug issues by enabling logs in your configuration.

Step 7: Verify Your Connection

Check your IP address after connecting to ensure traffic is routed through the VPS:


Conclusion

With Shadowsocks, you now have a secure and private connection tailored to your needs. Whether you’re bypassing censorship or securing your internet traffic, Shadowsocks offers a lightweight and effective solution for your VPS. For enhanced privacy, consider pairing it with additional tools like DNS encryption or a CDN.

Was this answer helpful? 0 Users Found This Useful (0 Votes)

Powered by WHMCompleteSolution