Shadowsocks is a fast tunnel proxy that helps you bypass firewalls and block certain websites and web protocols. It is also a lightweight, fast and Flexible Encrypted Socks5 proxy. Shadowsocks is used to encrypt the data between client and server communication. It is not a VPN per say, but it can act like a VPN to protect you by encrypting your internet data.

We are using Shadowsocks-libev package on Ubuntu server for setting the shadowsocks server. Now let’s jump into how to install shadowsocks.

Before we begin, update your system by running the below command:

sudo apt update && sudo apt upgrade

Install the Shadowsocks Server

Install dependencies on the Ubuntu

apt install -y –no-install-recommends gettext build-essential autoconf libtool libpcre3-dev \

asciidoc xmlto libev-dev libudns-dev automake libmbedtls-dev \

libsodium-dev git python3-m2crypto libc-ares-dev

Change the directory to /opt and download the Shadowsocks Git:

cd /opt

git clone

cd shadowsocks-libev

git submodule update –init –recursive \

Install Shadowsocks-libev:

apt install pkg-config
make && make install

Configure the Shadowsocks Server
Create a new system user for Shadowsocks

adduser –system –no-create-home –group shadowsocks

Create a directory for the configuration file:

mkdir -m 755 /etc/shadowsocks

Create the Shadowsocks configuration file shadowsocks.json by running:

nano /etc/shadowsocks/shadowsocks.json

Paste the contents shown below in bold into the file:







“fast_open”: true


Optimize Shadowsocks

Create the local.conf system optimization file by running: nano /etc/sysctl.d/local.conf

# max open files

fs.file-max = 51200

# max read buffer

net.core.rmem_max = 67108864

# max write buffer

net.core.wmem_max = 67108864

# default read buffer

net.core.rmem_default = 65536

# default write buffer

net.core.wmem_default = 65536

# max processor input queue

net.core.netdev_max_backlog = 4096

# max backlog

net.core.somaxconn = 4096

# resist SYN flood attacks

net.ipv4.tcp_syncookies = 1

# reuse timewait sockets when safe

net.ipv4.tcp_tw_reuse = 1

# turn off fast timewait sockets recycling

net.ipv4.tcp_tw_recycle = 0

# short FIN timeout

net.ipv4.tcp_fin_timeout = 30

# short keepalive time

net.ipv4.tcp_keepalive_time = 1200

# outbound port range

net.ipv4.ip_local_port_range = 10000 65000

# max SYN backlog

net.ipv4.tcp_max_syn_backlog = 4096

# max timewait sockets held by system simultaneously

net.ipv4.tcp_max_tw_buckets = 5000

# turn on TCP Fast Open on both client and server side

net.ipv4.tcp_fastopen = 3

# TCP receive buffer

net.ipv4.tcp_rmem = 4096 87380 67108864

# TCP write buffer

net.ipv4.tcp_wmem = 4096 65536 67108864

# turn on path MTU discovery

net.ipv4.tcp_mtu_probing = 1

# for high-latency network

net.ipv4.tcp_congestion_control = hybla

# for low-latency network, use cubic instead

net.ipv4.tcp_congestion_control = cubic

Apply optimizations

sysctl –system

Shadowsocks Systemd Service
Create a systemd file shadowsocks.service and paste the contents shown below into the file

nano /etc/systemd/system/shadowsocks.service


Description=Shadowsocks proxy server





ExecStart=/usr/local/bin/ss-server -c /etc/shadowsocks/shadowsocks.json -a shadowsocks -v start

ExecStop=/usr/local/bin/ss-server -c /etc/shadowsocks/shadowsocks.json -a shadowsocks -v stop


Enable and start shadowsocks.service

systemctl daemon-reload

systemctl enable shadowsocks

systemctl start shadowsocks

Allow the port 8388 in the server firewall
ufw allow proto tcp to port 8388 comment “Shadowsocks”

Install Shadowsocks Client and Connect

sudo apt-get install shadowsocks-libev

sudo systemctl stop shadowsocks-libev

sudo systemctl disable shadowsocks-libev

create the client-side configuration file local-config.json and paste the contents shown below into the file

nano /etc/shadowsocks-libev/local-config.json











Then we can start/enable the client by issuing below command

sudo systemctl start shadowsocks-libev-local@local-config.service
sudo systemctl enable shadowsocks-libev-local@local-config.service

Check the status

sudo systemctl status shadowsocks-libev-local@local-config.service

Testing the connection

you can test it directly by using curl in the terminal

curl –proxy socks5://

Your connection details will be listing the IP address of your VPS server instead of the IP of your client device.

Congratulations! You have successfully set up Shadowsocks on your VPS.

Server Hosting Solutions by RackNerd:

Shared Hosting
cPanel Web Hosting in US, Europe, and Asia datacenters
Reseller Hosting
Create your new income stream today with a reseller account
VPS (Virtual Private Server)
Fast and Affordable VPS services - Instantly Deployed
Dedicated Servers
Bare-metal servers, ideal for the performance-demanding use case.

Leave a comment

Your email address will not be published. Required fields are marked *