Github url

shadowsocks-go

by shadowsocks

shadowsocks /shadowsocks-go

go port of shadowsocks (Deprecated)

6.7K Stars 3.6K Forks Last release: over 3 years ago (1.2.1) Apache License 2.0 370 Commits 11 Releases

Available items

No Items, yet!

The developer of this repository has not created any items for sale yet. Need a bug fixed? Help with integration? A different license? Create a request here:

Deprecated

Use https://github.com/shadowsocks/go-shadowsocks2 instead.

shadowsocks-go

Current version: 1.2.2 Build Status

shadowsocks-go is a lightweight tunnel proxy which can help you get through firewalls. It is a port of shadowsocks.

The protocol is compatible with the origin shadowsocks (if both have been upgraded to the latest version).

**Note

server\_password

option syntax changed in 0.6.2, the client now connects to servers in the order specified in the config.**

Please develop on the latest develop branch if you want to send pull request.

Install

Download precompiled binarys from the release page. (All compiled with cgo disabled, except the mac version.)

You can also install from source (assume you have go installed):

# on server go get github.com/shadowsocks/shadowsocks-go/cmd/shadowsocks-server # on client go get github.com/shadowsocks/shadowsocks-go/cmd/shadowsocks-local

It's recommended to disable cgo when compiling shadowsocks-go. This will prevent the go runtime from creating too many threads for dns lookup.

Usage

Both the server and client program will look for

config.json

in the current directory. You can use

-c

option to specify another configuration file.

Configuration file is in json format and has the same syntax with shadowsocks-nodejs. You can download the sample [

config.json

](https://github.com/shadowsocks/shadowsocks-go/blob/master/config.json), change the following values:

server your server ip or hostname server\_port server port local\_port local socks5 proxy port method encryption method, null by default (table), the following methods are supported: aes-128-cfb, aes-192-cfb, aes-256-cfb, bf-cfb, cast5-cfb, des-cfb, rc4-md5, rc4-md5-6, chacha20, salsa20, rc4, table password a password used to encrypt transfer timeout server option, in seconds

Run

shadowsocks-server

on your server. To run it in the background, run

shadowsocks-server \> log &

.

On client, run

shadowsocks-local

. Change proxy settings of your browser to

SOCKS5 127.0.0.1:local\_port

About encryption methods

AES is recommended for shadowsocks-go. Intel AES Instruction Set will be used if available and can make encryption/decryption very fast. To be more specific, **``` aes-128-cfb

 is recommended as it is faster and [secure enough](https://www.schneier.com/blog/archives/2009/07/another_new_aes.html)**.

**rc4 and table encryption methods are deprecated because they are not secure.**

### One Time Auth

OTA function is deprecated because it is reported to have potential security risk.

## Command line options

Command line options can override settings from configuration files. Use

-h

 option to see all available options.

shadowsocks-local -s server_address -p server_port -k password -m aes-128-cfb -c config.json -b local_address -l local_port shadowsocks-server -p server_port -k password -m aes-128-cfb -c config.json -t timeout


Use

-d

 option to enable debug message.
## Use multiple servers on client

server_password specify multiple server and password, server should be in the form of host:port


Here's a sample configuration [

client-multi-server.json

](https://github.com/shadowsocks/shadowsocks-go/blob/master/sample-config/client-multi-server.json). Given

server_password

, client program will ignore 

server_port

, 

server

 and 

password

 options.

Servers are chosen in the order specified in the config. If a server can't be connected (connection failure), the client will try the next one. (Client will retry failed server with some probability to discover server recovery.)

## Multiple users with different passwords on server

The server can support users with different passwords. Each user will be served by a unique port. Use the following options on the server for such setup:

port_password specify multiple ports and passwords to support multiple users


Here's a sample configuration [

server-multi-port.json

](https://github.com/shadowsocks/shadowsocks-go/blob/master/sample-config/server-multi-port.json). Given

port_password

, server program will ignore 

server_port

 and 

password

 options.
### Update port password for a running server

Edit the config file used to start the server, then send

SIGHUP

``` to the server process.

Note to OpenVZ users

Use OpenVZ VM that supports vswap. Otherwise, the OS will incorrectly account much more memory than actually used. shadowsocks-go on OpenVZ VM with vswap takes about 3MB memory after startup. (Refer to this issue for more details.)

If vswap is not an option and memory usage is a problem for you, try shadowsocks-libev.

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.