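VPS and Shadowsocks Configuration


Creating a VPS server and configuring Shadowsocks

In the latest post, "ss to v2ray", I recommend replacing ss with v2ray

Reference links

1 Registering and creating Droplets

The VPS registration and purchase process is skipped here. Among the VPS providers currently available, the better-known ones are Vultr, Linode and DigitalOcean abroad, and Alibaba Cloud and Tencent Cloud in China; for a detailed comparison see "Roundup of VPS providers that can be changed for free"

I use DigitalOcean; here is a referral code: https://m.do.co/c/438f7c8cc2dd. When I signed up it reportedly came with a $50 credit, but I put off getting started, and the credit expired after a month without use

The system is CentOS 7 x64 - Enable IPV6

With anything other than CentOS 7, python and other dependencies may be missing in later steps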

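  1. Create an SSH key locally (skip this step if you already have one)

    An SSH key lets us log in without typing a password each time; the server authenticates the key pair stored on the local machine instead

    # list the local SSH keys
    cd ~/.ssh
    ls *.pub
    # create a new SSH key
    ssh-keygen -t rsa -C "email@example.com"
    # add the key to the agent, otherwise the computer's login password is requested every time
    ssh-add -k ~/.ssh/id_rsa
    # print the local public key so it can be copied
    cat ~/.ssh/id_rsa.pub
  2. Add the public key under Security in the DO account

  3. The server can now be reached remotely with the local key; without this setup, password login still works

    ssh root@<server IP address>

    To switch from key login to password login:

    # edit the ssh configuration file
    vi /etc/ssh/sshd_config

    Find the following fields and change them to:

    # allow the root user to log in
    PermitRootLogin yes
    # turn on password login
    PasswordAuthentication yes

    Restart the ssh service: service sshd restart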

2 Shadowsocks

  1. CentOS 7 ships with python2.7, so pip can be installed directly

    # on CentOS 7 pip is packaged as python-pip in the EPEL repository
    yum -y install epel-release
    yum -y install python-pip
    pip install shadowsocks
  2. Create the configuration file

    vim /etc/shadowsocks.json
  3. Configuration file contents:

    // Basic configuration
    // (JSON has no comment syntax: leave these // lines out of the real file)
    {
      "server": "<server IP address>",
      "server_port": 8388,
      "local_address": "127.0.0.1",
      "local_port": 1080,
      "password": "<your password>",
      "timeout": 300,
      "method": "aes-256-cfb",
      "fast_open": false
    }
    // Multi-port configuration
    // i.e. replace the server_port and password entries with port_password
    {
      "server": "<server IP address>",
      "server_ipv6": "::",
      "local_address": "127.0.0.1",
      "local_port": 1081,
      "port_password": {
        "8686": "<your password>",
        "8687": "<your password>",
        "8688": "<your password>",
        "8689": "<your password>",
        "8690": "<your password>"
      },
      "timeout": 120,
      "udp_timeout": 60,
      "method": "aes-256-cfb",
      "protocol": "auth_sha1_v4_compatible",
      "protocol_param": "",
      "obfs": "http_simple_compatible",
      "obfs_param": "",
      "dns_ipv6": false,
      "connect_verbose_info": 1,
      "redirect": "",
      "fast_open": false,
      "workers": 1
    }
  4. Start the Shadowsocks server

    # run in the foreground
    ssserver -c /etc/shadowsocks.json
    # or run in the background
    ssserver -c /etc/shadowsocks.json -d start
    ssserver -c /etc/shadowsocks.json -d stop
    # logging
    ssserver -c /etc/shadowsocks.json --log-file /tmp/ss.log -d start
    tail -f /tmp/ss.log

    Extra: installing and configuring vim

    1. Install vim

      yum install vim
    2. Configure vim

      vi ~/.vimrc
    3. Reference vim configuration file

      " Configuration file for vim
      set modelines=0 " CVE-2007-2438

      " Normally we use vim-extensions. If you want true vi-compatibility
      " remove change the following statements
      set nocompatible " Use Vim defaults instead of 100% vi compatibility
      set backspace=2 " more powerful backspacing

      " Don't write backup file if vim is being called by "crontab -e"
      au BufWrite /private/tmp/crontab.* set nowritebackup nobackup
      " Don't write backup file if vim is being called by "chpass"
      au BufWrite /private/etc/pw.* set nowritebackup nobackup

      let skip_defaults_vim=0

      syntax on

      autocmd InsertLeave * se nocul
      autocmd InsertEnter * se cul

      set tabstop=4

      set softtabstop=4
      set shiftwidth=4

      set number

      colorscheme pablo

      set ruler
      set scrolloff=3

      set rtp+=/usr/local/opt/fzf

3 Speed improvements and security

  • Configure the firewall (this may cause a module conflict once the ServerSpeeder (锐速) service is installed later, so it is best to turn the firewall on last)

    1. Install firewalld

      yum install firewalld
    2. Edit the firewall zone file:

      vi /etc/firewalld/zones/public.xml

      Each port gets two entries (one for tcp, one for udp):

      <?xml version="1.0" encoding="utf-8"?>
      <zone>
        <short>Public</short>
        <service name="dhcpv6-client"/>
        <service name="ssh"/>
        <port protocol="tcp" port="8686"/>
        <port protocol="udp" port="8686"/>
        <port protocol="tcp" port="8687"/>
        <port protocol="udp" port="8687"/>
        <port protocol="tcp" port="8688"/>
        <port protocol="udp" port="8688"/>
        <port protocol="tcp" port="8689"/>
        <port protocol="udp" port="8689"/>
        <port protocol="tcp" port="8690"/>
        <port protocol="udp" port="8690"/>
        <port protocol="tcp" port="8691"/>
        <port protocol="udp" port="8691"/>
      </zone>
    3. Restart shadowsocks and restart the firewall

      # restart the firewall
      systemctl restart firewalld.service

      Basic firewalld usage

      • Start: systemctl start firewalld
      • Stop: systemctl stop firewalld
      • Check status: systemctl status firewalld
      • Disable at boot: systemctl disable firewalld
      • Enable at boot: systemctl enable firewalld
      • List open ports: firewall-cmd --list-ports
      • Add a port: firewall-cmd --zone=public --add-port=59008/tcp --permanent (--permanent makes the rule persistent; without it the rule is lost after a restart)

      List all ports in use: netstat -tunlp

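  • Download the ServerSpeeder (锐速) service (using the four-in-one script in the next item directly is recommended instead)

    # CentOS 7 first needs the required firmware package, version 20140911
    rpm -ivh ftp://ftp.pbone.net/mirror/ftp.scientificlinux.org/linux/scientific/7.0/x86_64/updates/security/linux-firmware-20140911-0.1.git365e80c.el7.noarch.rpm
    # replace the kernel
    wget --no-check-certificate -O rskernel.sh https://raw.githubusercontent.com/hombo125/doubi/master/rskernel.sh && bash rskernel.sh
    # once the kernel replacement reports Success, reconnect to the server
    ssh root@<server IP address>
    # check the current kernel version
    uname -r
    # download ServerSpeeder and press Enter at every prompt to install
    yum install net-tools -y && wget --no-check-certificate -O appex.sh https://raw.githubusercontent.com/0oVicero0/serverSpeeder_Install/master/appex.sh && bash appex.sh install
  • bbr original / modified / plus + ServerSpeeder four-in-one script

    # download the script
    wget "https://github.com/cx9208/Linux-NetSpeed/raw/master/tcp.sh" && chmod +x tcp.sh && ./tcp.sh
    # if there is a certificate error, install the CA certificates
    # (apt-get on Debian/Ubuntu, yum on CentOS)
    apt-get -y install ca-certificates
    yum -y install ca-certificates
    # choose one of options 1-3 to switch kernels; the server reboots automatically.
    # If asked whether to remove "Configuring image", choose no
    # run the script again
    ./tcp.sh
    # choose the acceleration to enable from options 4-8
    # "1. 安装 BBR/BBR魔改版内核" (install the BBR / modified BBR kernel) goes with 4, 5, 6 (original, modified, aggressive modified)
    # "2. 安装 BBRplus版内核 " (install the BBRplus kernel) goes with 7 (plus)
    # "3. 安装 Lotserver(锐速)内核" (install the Lotserver (ServerSpeeder) kernel) goes with 8 (ServerSpeeder)
  • Server speed test (speedtest)

    # short link
    wget -qO- git.io/superbench.sh | bash
    # with parameters
    wget -qO- git.io/superbench.sh | bash -s info
    wget -qO- git.io/superbench.sh | bash -s io
    wget -qO- git.io/superbench.sh | bash -s speed
    wget -qO- git.io/superbench.sh | bash -s fast
    wget -qO- git.io/superbench.sh | bash -s share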
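The firewall step above opens ports by hand in public.xml, separately from the port_password list in /etc/shadowsocks.json, so the two can drift apart (the zone file on this page opens 8691, which the multi-port configuration does not use). The following check is an added example, not part of the original post; the function names ss_ports, fw_ports and audit_ports are hypothetical and the sample files are constructed.

```sh
# Ports Shadowsocks listens on: numeric keys of "port_password", or "server_port".
ss_ports() {
    {
        grep -oE '"[0-9]+"[[:space:]]*:' "$1" || true
        grep -oE '"server_port"[[:space:]]*:[[:space:]]*[0-9]+' "$1" || true
    } | grep -oE '[0-9]+' | sort -un
}

# "port/protocol" pairs opened by <port .../> elements of a firewalld zone file.
fw_ports() {
    grep -oE '<port [^>]*>' "$1" | while read -r tag; do
        port=$(printf '%s\n' "$tag" | sed -nE 's/.* port="([0-9]+)".*/\1/p')
        proto=$(printf '%s\n' "$tag" | sed -nE 's/.*protocol="([a-z]+)".*/\1/p')
        echo "$port/$proto"
    done | sort -u
}

# UNUSED  = open in the firewall but no Shadowsocks port is configured for it
# BLOCKED = configured in Shadowsocks but not open (tcp and udp both expected)
audit_ports() {
    want=$(for p in $(ss_ports "$1"); do echo "$p/tcp"; echo "$p/udp"; done)
    have=$(fw_ports "$2")
    for e in $have; do
        printf '%s\n' "$want" | grep -qxF "$e" || echo "UNUSED $e"
    done
    for e in $want; do
        printf '%s\n' "$have" | grep -qxF "$e" || echo "BLOCKED $e"
    done
}

# Constructed sample files, shortened from the configuration shown on this page.
demo=$(mktemp -d)
cat > "$demo/shadowsocks.json" <<'EOF'
{
  "port_password": { "8686": "example-password-1", "8687": "example-password-2" },
  "method": "aes-256-cfb"
}
EOF
cat > "$demo/public.xml" <<'EOF'
<zone>
  <port protocol="tcp" port="8686"/>
  <port protocol="udp" port="8686"/>
  <port protocol="tcp" port="8687"/>
  <port protocol="tcp" port="8691"/>
  <port protocol="udp" port="8691"/>
</zone>
EOF
audit_ports "$demo/shadowsocks.json" "$demo/public.xml"
```

On the server, the same call takes /etc/shadowsocks.json and /etc/firewalld/zones/public.xml; every UNUSED line is a port that can be removed from the zone file.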
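The kernel, ServerSpeeder, four-in-one and benchmark commands above all run a freshly downloaded script as root, some with --no-check-certificate or through a pipe straight into bash. The following is an added example, not part of the original post, of saving the script first, reviewing it, and running only the copy whose SHA-256 matches the reviewed one; sha256_of, fetch_script and run_pinned are hypothetical helper names and the demo file is constructed.

```sh
# SHA-256 of a file (sha256sum on Linux, shasum on macOS).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# Save the script to a file over HTTPS instead of piping it to bash, so it can
# be read first. Certificate checking stays on (no --no-check-certificate).
fetch_script() {    # usage: fetch_script URL OUTFILE
    case "$1" in
        https://*) wget -q -O "$2" "$1" ;;
        *) echo "refusing non-HTTPS URL: $1" >&2; return 1 ;;
    esac
}

# Run FILE only if its digest matches the value recorded when it was reviewed.
run_pinned() {      # usage: run_pinned FILE EXPECTED_SHA256 [ARGS...]
    file=$1; expected=$2; shift 2
    actual=$(sha256_of "$file")
    if [ "$actual" != "$expected" ]; then
        echo "digest mismatch for $file: got $actual" >&2
        return 1
    fi
    bash "$file" "$@"
}

# Constructed demo: a local stand-in for a downloaded installer script.
tmp=$(mktemp -d)
printf 'echo "installer ran"\n' > "$tmp/installer.sh"
pinned=$(sha256_of "$tmp/installer.sh")   # in practice, recorded after review
run_pinned "$tmp/installer.sh" "$pinned"
echo 'echo "injected line"' >> "$tmp/installer.sh"   # simulate an upstream change
run_pinned "$tmp/installer.sh" "$pinned" || echo "modified script was not run"
```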

title: VPS and Shadowsocks Configuration

author:Anne416wu

link:https://www.annewqx.top/posts/9931/

publish time:2020-02-09

update time:2020-03-23

