GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
SS-SERVER(1) Shadowsocks-libev Manual SS-SERVER(1)

ss-server - shadowsocks server, libev port

ss-server [-uUv] [-h|--help] [-s <server_host>] [-p <server_port>] [-l <local_port>] [-k <password>] [-m <encrypt_method>] [-f <pid_file>] [-t <timeout>] [-c <config_file>] [-i <interface>] [-a <user_name>] [-d <addr>] [-n <nofile>] [-b <local_address>] [--fast-open] [--reuse-port] [--mptcp] [--acl <acl_config>] [--mtu <MTU>] [--no-delay] [--manager-address <path_to_unix_domain>] [--plugin <plugin_name>] [--plugin-opts <plugin_options>] [--password <password>] [--key <key_in_base64>]

Shadowsocks-libev is a lightweight and secure socks5 proxy. It is a port of the original shadowsocks created by clowwindy. Shadowsocks-libev is written in pure C and takes advantage of libev to achieve both high performance and low resource consumption.

Shadowsocks-libev consists of five components. ss-server(1) runs on a remote server to provide secured tunnel service. For more information, check out shadowsocks-libev(8).

-s <server_host>
Set the server’s hostname or IP.

-p <server_port>

Set the server’s port number.

-k <password>, --password <password>

Set the password. The server and the client should use the same password.

--key <key_in_base64>

Set the key directly. The key should be encoded with URL-safe Base64.

-m <encrypt_method>

Set the cipher.

Shadowsocks-libev accepts 19 different ciphers:

aes-128-gcm, aes-192-gcm, aes-256-gcm, rc4-md5, aes-128-cfb, aes-192-cfb, aes-256-cfb, aes-128-ctr, aes-192-ctr, aes-256-ctr, bf-cfb, camellia-128-cfb, camellia-192-cfb, camellia-256-cfb, chacha20-ietf-poly1305, xchacha20-ietf-poly1305, salsa20, chacha20 and chacha20-ietf.

If built with PolarSSL or custom OpenSSL libraries, some of these ciphers may not work.

-a <user_name>

Run as a specific user.

-f <pid_file>

Start shadowsocks as a daemon with specific pid file.

-t <timeout>

Set the socket timeout in seconds. The default value is 60.

-c <config_file>

Use a configuration file.

Refer to shadowsocks-libev(8) CONFIG FILE section for more details.

-n <number>

Specify max number of open files.

Only available on Linux.

-i <interface>

Send traffic through specific network interface.

For example, there are three interfaces in your device, which is lo (127.0.0.1), eth0 (192.168.0.1) and eth1 (192.168.0.2). Meanwhile, you configure ss-server to listen on 0.0.0.0:8388 and bind to eth1. That results the traffic go out through eth1, but not lo nor eth0. This option is useful to control traffic in multi-interface environment.

-b <local_address>

Specify the local address to use while this server is making outbound connections to remote servers on behalf of the clients.

-u

Enable UDP relay.

-U

Enable UDP relay and disable TCP relay.

-6

Resovle hostname to IPv6 address first.

-d <addr>

Setup name servers for internal DNS resolver (libc-ares). The default server is fetched from /etc/resolv.conf.

--fast-open

Enable TCP fast open.

Only available with Linux kernel > 3.7.0.

--reuse-port

Enable port reuse.

Only available with Linux kernel > 3.9.0.

--no-delay

Enable TCP_NODELAY.

--acl <acl_config>

Enable ACL (Access Control List) and specify config file.

--manager-address <path_to_unix_domain>

Specify UNIX domain socket address for the communication between ss-manager(1) and ss-server(1).

Only available in server and manager mode.

--mtu <MTU>

Specify the MTU of your network interface.

--mptcp

Enable Multipath TCP.

Only available with MPTCP enabled Linux kernel.

--plugin <plugin_name>

Enable SIP003 plugin. (Experimental)

--plugin-opts <plugin_options>

Set SIP003 plugin options. (Experimental)

-v

Enable verbose mode.

-h|--help

Print help message.

It is recommended to use a config file when starting ss-server(1).

The config file is written in JSON and is easy to edit. Check out the SEE ALSO section for the default path of config file.

# Start the ss-server
ss-server -c /etc/shadowsocks-libev/config.json

The config file of shadowsocks-libev(8) is slightly different from original shadowsocks.

In order to listen to both IPv4/IPv6 address, use the following grammar in your config json file:

{
"server":["::0","0.0.0.0"],
...
}

ss-server(1) also does not understand "port_password" field in config file. If you want to start up multiple server instances with a single config file, please try ss-manager tool. See ss-manager(8) for details.

ss-local(1), ss-tunnel(1), ss-redir(1), ss-manager(1), shadowsocks-libev(8), iptables(8), /etc/shadowsocks-libev/config.json
04/09/2022 Shadowsocks-libev 3.3.5

Search for    or go to Top of page |  Section 1 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.