CentOS 7 下编译并安装酸酸并启用 obfs 混淆 | 沧水的博客

刚刚想给某台国内机器安装酸酸libev+obfs,但是没想到大多数的脚本都无法链接到服务器,无奈之下只好手动处理,顺便记下本次手动安装的经过

本教程使用系统为Centos 7 x64 其他系统请自行修改命令

编译安装

不使用 obfs 混淆的,不用安装 simple-obfs 

编译和安装 ss-libev

安装一些必要的软件:

yum install git vim wget -y
yum install epel-release -y
yum install gcc gettext autoconf libtool automake make pcre-devel asciidoc xmlto c-ares-devel libev-devel libsodium-devel mbedtls-devel -y

下载 shadowsocks-libev 的源代码:

git clone https://github.com/shadowsocks/shadowsocks-libev.git
cd shadowsocks-libev
git submodule update --init --recursive

开始进行编译:

./autogen.sh && ./configure --prefix=/usr && make
make install 

编译和安装 simple-obfs

安装一些必要的软件:

yum install zlib-devel openssl-devel -y

安装 simple-obfs :

git clone https://github.com/shadowsocks/simple-obfs.git
cd simple-obfs
git submodule update --init --recursive
./autogen.sh
./configure && make
make install

配置

1. 仅使用 ss-libev

修改配置文件:

mkdir -p /etc/shadowsocks-libev
vim /etc/shadowsocks-libev/config.json
{
"server":"0.0.0.0",
"server_port":自定端口号,
"local_port":1080,
"password":"自定密码",
"timeout":60,
"method":"aes-256-gcm"
}

如想要同时启用 ipv4 和 ipv6 ,则 config.json 应为:

{
"server":["::0","0.0.0.0"],
"server_port":自定端口号,
"local_port":1080,
"password":"自定密码",
"timeout":60,
"method":"aes-256-gcm"
}

2. 使用带 obfs 混淆的 ss-libev

修改配置文件:

mkdir -p /etc/shadowsocks-libev
vim /etc/shadowsocks-libev/config.json
{
"server":"0.0.0.0",
"server_port":自定端口号,
"local_port":1080,
"password":"自定密码",
"timeout":60,
"method":"aes-256-gcm", "
plugin":"obfs-server",
"plugin_opts":"obfs=http"
}

如想要同时启用 ipv4 和 ipv6 ,则 config.json 应为:

{
"server":["::0","0.0.0.0"],
"server_port":自定端口号,
"local_port":1080,
"password":"自定密码",
"timeout":60,
"method":"aes-256-gcm",
"plugin":"obfs-server",
"plugin_opts":"obfs=http"
}

带 obfs 混淆的客户端配置

在客户端配置文件中添加:

"plugin":"obfs-local",
"plugin_opts":"obfs=http;obfs-host=baidu.com",

设置开机自动启动

vi /etc/systemd/system/shadowsocks.service
[Unit]
Description=Shadowsocks Server
After=network.target
[Service]
ExecStart=/usr/bin/ss-server -c /etc/shadowsocks-libev/config.json -u
Restart=on-abort
[Install]
WantedBy=multi-user.target

退出编辑然后
systemctl enable shadowsocks

运行

启动 ss 服务:

systemctl start shadowsocks

此时,我们还不能通过外网访问服务器,因为防火墙并没有开启相应的端口,编辑防火墙开放的端口服务:

vi /etc/firewalld/zones/public.xml

添加如下行:

<port protocol="tcp" port="服务器端口"/>
<port protocol="udp" port="服务器端口"/>

使新规则生效:

firewall-cmd --complete-reload

至此,ss 已经可以使用。可以查看服务状态:

systemctl status shadowsocks

更新

更新需要重新编译。

更新 ss-libev

systemctl stop shadowsocks

shadowsocks-libev 目录下:

git pull
./configure
make
make install

systemctl start shadowsocks

更新 obfs

systemctl stop shadowsocks

simple-obfs 目录下:

git pull
./configure
make
make install

systemctl start shadowsocks

故障解决

  • 提示如下:This system doesn’t provide enough entropy to quickly generate high-quality random numbers
    Installing the rng-utils/rng-tools or haveged packages may help.
    On virtualized Linux environments, also consider using virtio-rng.
    The service will not start until enough entropy has been collected.

安装 rng-tools :

yum install rng-tools
rngd -r /dev/urandom
  • 提示如下:[simple-obfs] ERROR: failed to resolve server name, wait 2 seconds

可能是你的主机本身没有 ipv6 地址,可在配置文件 /etc/shadowsocks-libev/config.json 中把 "server" 一栏更改如下:

"server":"0.0.0.0",

这篇文章还没有人发言,快抢第一!

发表评论



Copyright 2017 沧水的博客. All Rights Reserved.
湘ICP备17021400号-1托管于腾讯云中国律法保护