AWS offers a one-year free VPS through its Free Tier, and that instance is enough to run a basic Shadowsocks server. Before doing anything else, you need to create an AWS account and complete the registration process with a credit card. After that, you can launch an EC2 instance and use it to deploy Shadowsocks.
Useful AWS entry points:
- AWS homepage: https://aws.amazon.com
- Free Tier page: https://aws.amazon.com/free
- EC2 management console: https://console.aws.amazon.com/ec2/home
Choose the region carefully
When creating the instance, do not just accept the default region without checking it. A common mistake is ending up in a region like US East (Ohio), which can have noticeably higher latency. A Tokyo region is generally a better choice if you want lower delay and a smoother connection. If you want to compare response times across regions before launching the server, you can check them here:
http://www.cloudping.info/
Open the port in the security group
After the EC2 instance is running, make sure the security group is configured correctly. If you skip this step, Shadowsocks may start successfully but still remain unreachable from outside.
In the inbound rules of the security group, add a custom TCP rule:
- Protocol: TCP
- Port range: use the same port as
server_portin yourshadowsocks.json - Source:
0.0.0.0/0
Once that rule is added, external connections to the Shadowsocks service will be allowed.
Install Shadowsocks
On Ubuntu 16.04, update the package list first, then install the required dependencies and Shadowsocks itself:
$ sudo apt-get update
$ sudo apt-get install python-gevent python-pip python-m2crypto python-wheel python-setuptools
$ sudo pip install shadowsocks
During installation, you may run into this error:
# pip install shadowsocks
Traceback (most recent call last):
File "/usr/bin/pip", line 11, in <module>
sys.exit(main())
File "/usr/lib/python2.7/dist-packages/pip/__init__.py", line 215, in main
locale.setlocale(locale.LC_ALL, '')
File "/usr/lib/python2.7/locale.py", line 581, in setlocale
return _setlocale(category, locale)
locale.Error: unsupported locale setting
That error is caused by an incorrect locale setting. A quick fix is:
$ export LC_ALL=C
Create the configuration file
Edit the Shadowsocks configuration file:
$ sudo vim /etc/shadowsocks.json
Put the following content into it:
{
"server":"my_server_ip",
"server_port":8000,
"local_address": "127.0.0.1",
"local_port":1080,
"password":"my_password",
"timeout":300,
"method":"rc4-md5"
}
Save the file when you are done.
Start and stop the service
Use these commands to start or stop the Shadowsocks server:
$ sudo ssserver -c /etc/shadowsocks.json -d start
$ sudo ssserver -c /etc/shadowsocks.json -d stop
If the system says it cannot find ssserver, the command may not be in your global PATH. In that case, use whereis ssserver to locate it, then create a symbolic link with ln -s source_path target_path. You can also replace ssserver in the command with the full path to the actual executable.
Another possible startup error looks like this:
Traceback (most recent call last):
File "/bin/ssserver", line 9, in <module>
load_entry_point('shadowsocks==2.6.8', 'console_scripts', 'ssserver')()
File "/usr/lib/python2.7/site-packages/shadowsocks/server.py", line 60, in main
tcp_servers.append(tcprelay.TCPRelay(a_config, dns_resolver, False))
File "/usr/lib/python2.7/site-packages/shadowsocks/tcprelay.py", line 584, in __init__
server_socket.bind(sa)
File "/usr/lib64/python2.7/socket.py", line 224, in meth
return getattr(self._sock,name)(*args)
socket.error: [Errno 99] Cannot assign requested address
If you want to check whether the service status is normal without repeatedly restarting it after every change, you can run:
$ sudo ssserver -c /etc/shadowsocks.json -d status
You can also try using the following command instead of the usual server start command:
$ sudo sslocal -c /etc/shadowsocks.json -d start
Check the logs when something goes wrong
Both startup logs and access logs are written to:
/var/log/shadowsocks.log
If the service refuses to start or clients cannot connect properly, this log file should be the first place to inspect.
Install a client
Once the server is up, all that remains is to install a matching Shadowsocks client:
https://github.com/shadowsocks
Where to look for troubleshooting
If you run into installation or startup issues that are not obvious, the issue tracker is often helpful:
https://github.com/shadowsocks/shadowsocks/issues