Easy VPN with DigitalOcean and ShadowSocks

If you are often in a cafe or library with shared internet, it’s best to go through a VPN so any unencrypted traffic isn’t detected by any local hackers – while there are many vpn packages, it is easy enough to make your own and connect to it with shadowsocks. This can give you good performance even on a $5/mo digitalocean server!*

To install Shadowsocks on a server (that will be accessing the internet for you), ssh to your server and use:

sudo apt install python-pip3 -y
sudo pip3 install -U git+https://github.com/shadowsocks/shadowsocks.git@master
sudo nano /etc/shadowsocks.json

In the editor, add the following in your file:

{
   "server":"IP.OF.SERVER",
   "server_port":8388,
   "local_port":0,
   "password":"somesecretpassword",
   "timeout":600,
   "method":"aes-256-gcm"
}

Your password is whatever you want it to be and the IP.OF.SERVER would be replaced with the numbers you see in your Digitalocean account’s droplet that you see here:

Then start this on the server:

ssserver -c /etc/shadowsocks.json –user nobody -d start

Note the “nobody” user is often used to keep any possibly hacked process from writing files as root or as your ordinary user. If you want to restart it again with different options, you will likely get:

2020-09-08 01:20:32 INFO     loading libcrypto from libcrypto.so.1.1
2020-09-08 01:20:32 INFO     loading libsodium from libsodium.so.23
2020-09-08 01:20:32 ERROR    already started at pid 9022

In this case, run “kill 9022” and run again.

Now, install Shadowsocks for your Android or other device, and set it up with the options above filled out – Port=8388, IP=server IP, method=aes-256-gcm, password = chosenpassword.

Parts of this article based off of the troubleshooting guide here.

*Disclosure – affiliate link here, get $100 in digital-ocean usage over 60 days free.

Leave a Reply

Your email address will not be published. Required fields are marked *

+ fifty one = 61