Background
Shadowsocks is a free and open-source proxy protocol originally developed to help users bypass internet censorship in China. Launched in 2012 by a Chinese programmer known as “clowwindy,” it uses the SOCKS5 protocol to encrypt traffic and redirect it through a server located outside the user’s region, making it appear as regular HTTPS traffic. This obfuscation helps it evade detection by firewalls, such as the Great Firewall of China, allowing users to access blocked content and maintain a degree of online privacy.
History aside, we can use the same technology to circumvent our own local internet restrictions whilst preserving privacy. All that hoohah above, why not just use a VPN?
Compared to a full-blown-out VPN, Shadowsocks is lightweight and only encrypts traffic from the application you are running – say your chosen web browser – instead of all the traffic coming in & out of your machine.
Also, it gives you control if you want different traffic to run through different servers instead of a single one.
A quick online search yields countless proxy websites where you can use them for free – from servers free for all to use to virtual web browsers. Stay away from using them if you intend to log into services requiring you to input personal data such as emails & passwords. They are Gratis but not Free; never trust a stranger with your data.
For that, get a server from a region outside your home region/country.
Setup
Server-side
I love Ubuntu Server. For that after updating apt repository, ensure Firewall is running & allow traffic through port 8888:
$ sudo ufw status
$ sudo ufw allow 8888
Install shadowsocks & edit it’s respective config.json file:
$ sudo apt install shadowsocks-libev
$ sudo nano /etc/shadowsocks-libev/config.json
In it, edit or add the following:
{
"server":"0.0.0.0",
"mode":"tcp_and_udp",
"server_port":8888,
"local_port":1080,
"password":"your_strong_password",
"timeout":60,
"method":"chacha20-ietf-poly1305"
}
Replace your_strong_password with your desired password. Ensure it’s strength. Feel free to specify your local_port, timeout in seconds & encryption method. I’m a noob here so I’ll keep them as it is; nothing wrong.
Also ensure that the specified server_port is similar to the port you opened up in the firewall settings above.
Then, restart shadowsocks service & enable it to auto-start at boot:
$ sudo systemctl restart shadowsocks-libev.service
$ sudo systemctl enable shadowsocks-libev.service
Client-side
Setting up on ubuntu client machine is easy & somewhat similar.
$ sudo apt install shadowsocks-libev
$ sudo nano /etc/shadowsocks-libev/client.json
In the config file client.json, edit or add the following:
{
"server":"your_server_ip",
"mode":"tcp_and_udp",
"server_port":8888,
"local_address":"127.0.0.1",
"local_port":1080,
"password":"your_strong_password",
"timeout":60,
"method":"chacha20-ietf-poly1305"
}
where your your_server_ip is, well, your server’s ip address, ensuring server_port, local_port, password, timeout & method are the similar to that of your server’s configurations.
Then start your Shadowsocks client:
$ ss-local -c /etc/shadowsocks-libev/client.json
To run it in the background and start on boot, create a systemd service:
$ sudo nano /etc/systemd/system/shadowsocks-client.service
and add the following:
[Unit]
Description=Shadowsocks Client Service
After=network.target
[Service]
ExecStart=/usr/bin/ss-local -c /etc/shadowsocks-libev/client.json
[Install]
WantedBy=multi-user.target
Enable and start the service:
$ sudo systemctl enable shadowsocks-client.service
$ sudo systemctl start shadowsocks-client.service
Done! Now go on to your favourite web browser and under proxy settings, configure it to use SOCKS5 proxy at 127.0.0.1:1080 or if you configured it differently:
local_address:local_port