Install and configure ss5 socks proxy with simple authentication
SS5 is a high performance socks proxy server implementing SOCK4 and SOCKS5 protocols. This step-by-step guide describes installation and configuration of SS5 with user/password authentication on a RHEL/CentOS server.
1. Download the latest source rpm from sourceforge.net.
wget http://downloads.sourceforge.net/ss5/ss5-3.7.9-2.src.rpm
2. Build the source rpm.
This requires the rpmbuild tool provided by rpm-build package. Also, ss5 requires openldap-devel, pam-devel and openssl-devel deveopment packages. Install these packages with yum:
yum install rpm-build openldap-devel pam-devel openssl-devel libgssapi-devel -y (for 32 bit Linux)
yum install rpm-build.x86_64 openldap-devel.x86_64 pam-devel.x86_64 openssl-devel.x86_64 libgssapi-devel.x86_64 -y (for 64 bit Linux)
Now build ss5-3.7.9-2.src.rpm and create the rpm package:
rpmbuild –rebuild ss5-3.7.9-2.src.rpm
3. Install SS5 rpm package
After building, the rpm package will be created in /usr/src/redhat/RPMS/x86_64/ (for 64 bit Linux) or in /usr/src/redhat/RPMS/i386/ (for 32 bit Linux). You can install the rpm using following command:
rpm -ivh /usr/src/redhat/RPMS/x86_64/ss5-3.7.9-2.x86_64.rpm (for 64 bit Linux)
rpm -ivh /usr/src/redhat/RPMS/i386/ss5-3.7.9-2.i386.rpm (for 32 bit Linux)
4. Run SS5 as root and change the port to 9999 (default port is 1080)
Edit /etc/init.d/ss5 and put following lines at the top after shabang:
export SS5_SOCKS_PORT=9999
export SS5_SOCKS_USER=root
You can use any available port you want.
5. User/password authentication
SS5 configuration file is /etc/opt/ss5/ss5.conf. The ‘auth’ directive sets the authentication policy.
For no authentication,
auth 0.0.0.0/0 – –
For user/pass auth,
auth 0.0.0.0/0 – u
The user/password pairs are stored in /etc/opt/ss5/ss5.passwd. Make sure that this file is readable only by root:
chown root.root /etc/opt/ss5/ss5.passwd
chmod 750 /etc/opt/ss5/ss5.passwd
In /etc/opt/ss5/ss5.passwd, specify user and pass separated by a space and one user/password per line.
Example:
user1 pass1
user2 pass2
6. Permission
Allow all hosts to connect:
permit – 0.0.0.0/0 – 0.0.0.0/0 – – – – -
7. Start ss5
service ss5 start