I would recommend ShadowsocksX-NG, which is a rewrite of the former and has more features, like a built-in http proxy, that is required by apps like Google Drive. OSX - ShadowsocksX-NGĬurrently, there are two options, ShadowsocksX and ShadowsocksX-NG. Also enable UDP forwarding, so DNS resolving of forbidden hostnames work and you will receive untainted name resolution. Make sure to disable “One-Time Authentication”, which is already deprecated. (There is only a bug with the profile manager, make sure to choose the Default profile and rename it, otherwise you might lose the settings later). If works great with recent versions of Android, as there is no Root required to enable a global Proxy service for the whole device. Fortunately, they provide the APKs on Github which is not blocked (at the moment): If you can’t access that store from your location, you have to sideload. Androidįor Android there is a Shadowsocks App in the Play store. You can find a multitude of other clients on the Shadowsocks website. I describe shortly installation and operation specifics of the Android and OSX clients. Here a gist for some ideas (using the -local instead of -server tool): Installation on clients (Android, iOS, OSX) Otherwise you could create a system job (like Upstart) to wrap it. Use Screen or Tmux to keep it running without to much hassle. The Go server will run in the shell foreground and don’t daemonize. Server IP: Enter the public IP of the server.Local port: The default is 1080 for all apps.Unused by the server, but can fill in if you want to share the config file with client software: password: generate a passphrase that you provide to all clients later on.You could disable it on the client if you experience problems. auth: (deprecated and omitted) Use One Time Authentication (generate a session password to avoid known plaintext attack).method: Default recommendation by Shadowsocks website is AES-256-CFB.īut the Go-server README suggests: aes-128-cfb is recommended as it is faster and secure enough – I also use 128 to save a little battery on the mobile clients.The port 8388 is kind of default port for Shadowsocks. You could also use a port number greater than 1000 to avoid using sudo, try 8443 or 8080 first. If possible, use HTTPs port 443, another option would be numbers like 995 (POP3s, if you don’t use POP mail server) or 990 (FTPs). The more common the port, the less likely it will be blocked. I show here the direct download, as it is the easiest and don’t require any change on the server machine. Other option would be compiling by using Go get and written in the README. You can find prebuild binaries for direct download here: Besides, it offers the unique feature of running on multiple ports at the same time with different passwords, making it easier to share access with other people. I used the Go server program, as it doesn’t need any other prerequisites or libraries on the machine and can run standalone. Installation on clients (Android, iOS, OSX).This is why I’ve included some direct download URLs below. Fortunately, Github access as possible for me at this point. If you are already in the restricted area you might be unable to access the Shadowsocks website (and/or Google Play store). To forward the traffic into the Free Internet™ you need to run one of the server software on your machine. In comparison to commercial VPN/Proxy offers, you or someone you trust need command line access to a server outside the restricted area. It works similar like SOCKS5 but uses (better) encryption and (optional) session passphrases to avoid Known Plaintext Attack. Fortunately, this software is available again and was continued by the community. It was first conceived by Github user clowwindy, who had to take parts of the software down because he got visited by the local police. Shadowsocks is a Proxy/VPN protocol and collection of of compatible OpenSource client and server software programs.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |