ss上网

安装Shadowsocks客户端

sudo yum -y install epel-release
sudo yum -y install python-pip

安装Shadowsocks客户端

sudo pip install shadowsocks

配置Shadowsocks连接

sudo mkdir /etc/shadowsocks
sudo vi /etc/shadowsocks/shadowsocks.json
{
    "server":"x.x.x.x",  # Shadowsocks服务器地址
    "server_port":1035,  # Shadowsocks服务器端口
    "local_address": "127.0.0.1", # 本地IP
    "local_port":1080,  # 本地端口
    "password":"password", # Shadowsocks连接密码
    "timeout":300,  # 等待超时时间
    "method":"aes-256-cfb",  # 加密方式
    "fast_open": false,  # true或false。开启fast_open以降低延迟，但要求Linux内核在3.7+
    "workers": 1  #工作线程数 
}

新建启动脚本文件/etc/systemd/system/shadowsocks.service

[Unit]
Description=Shadowsocks
[Service]
TimeoutStartSec=0
ExecStart=/usr/bin/sslocal -c /etc/shadowsocks/shadowsocks.json
[Install]
WantedBy=multi-user.target

验证Shadowsocks客户端服务是否正常运行

curl --socks5 127.0.0.1:1080 http://httpbin.org/ip

安装配置privoxy

yum install privoxy -y
systemctl enable privoxy
systemctl start privoxy
systemctl status privoxy

配置privoxy

修改配置文件/etc/privoxy/config
listen-address 127.0.0.1:8118 # 8118 是默认端口，不用改
forward-socks5t / 127.0.0.1:1080 . #转发到本地端口，注意最后有个点

设置http、https代理

# vi /etc/profile 在最后添加如下信息
PROXY_HOST=127.0.0.1
export all_proxy=http://$PROXY_HOST:8118
export ftp_proxy=http://$PROXY_HOST:8118
export http_proxy=http://$PROXY_HOST:8118
export https_proxy=http://$PROXY_HOST:8118
export no_proxy=localhost,172.16.0.0/16,192.168.0.0/16.,127.0.0.1,10.10.0.0/16

# 重载环境变量
source /etc/profile

测试代理

[root@aniu-k8s ~]# curl -I www.google.com 
HTTP/1.1 200 OK
Date: Fri, 26 Jan 2018 05:32:37 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=ISO-8859-1
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Server: gws
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Set-Cookie: 1P_JAR=2018-01-26-05; expires=Sun, 25-Feb-2018 05:32:37 GMT; path=/; domain=.google.com
Set-Cookie: NID=122=PIiGck3gwvrrJSaiwkSKJ5UrfO4WtAO80T4yipOx4R4O0zcgOEdvsKRePWN1DFM66g8PPF4aouhY4JIs7tENdRm7H9hkq5xm4y1yNJ-sZzwVJCLY_OK37sfI5LnSBtb7; expires=Sat, 28-Jul-2018 05:32:37 GMT; path=/; domain=.google.com; HttpOnly
Transfer-Encoding: chunked
Accept-Ranges: none
Vary: Accept-Encoding
Proxy-Connection: keep-alive

取消使用代理

while read var; do unset $var; done < <(env | grep -i proxy | awk -F= '{print $1}')

Linux下安装libsodium,启用ss的chacha20高级加密

libsodium是给SS提供chacha20、salsa20、chacha20-ietf等高级加密所必须的扩展库，因为chacha20加密，安全性与aes-256-cfb相近，但效率比aes-256-cfb高，所以推荐启用chacha20加密.为了启用chacha20加密，我们先安装libsodium。记得下面全部要用root登录你的服务器，不能直接弄的就sudo.
--------------------- 
作者：lengconglin 
来源：CSDN 
原文：https://blog.csdn.net/lengconglin/article/details/77655845 
版权声明：本文为博主原创文章，转载请附上博文链接！

CentOS安装 
#因为这库是基于C语言的，所以我们先去安装GCC
    yum -y groupinstall "Development Tools"
    #下载最新稳定版本
    wget https://download.libsodium.org/libsodium/releases/LATEST.tar.gz
    #解压
    tar xf LATEST.tar.gz && cd libsodium-1.0.11
    #编译
    ./configure && make -j4 && make install
    echo /usr/local/lib > /etc/ld.so.conf.d/usr_local_lib.conf
    ldconfig
--------------------- 
作者：lengconglin 
来源：CSDN 
原文：https://blog.csdn.net/lengconglin/article/details/77655845 
版权声明：本文为博主原创文章，转载请附上博文链接！

Ubuntu安装
 apt-get install build-essential
    wget https://download.libsodium.org/libsodium/releases/LATEST.tar.gz
    tar xf libsodium-1.0.10.tar.gz && cd libsodium-1.0.10
    ./configure && make -j4 && make install
    ldconfig
--------------------- 
作者：lengconglin 
来源：CSDN 
原文：https://blog.csdn.net/lengconglin/article/details/77655845 
版权声明：本文为博主原创文章，转载请附上博文链接！

然后我们就可以修改ss的配置文件来开启效率更高的chacha20加密.

ss账号密码：https://bbs.feng.com/read-htm-tid-11996376.html