Shadowsocks accepts JSON format configs like this:
{
"server":"my_server_ip",
"server_port":8388,
"local_port":1080,
"password":"barfoo!",
"method":"chacha20-ietf-poly1305"
}
Explanation of each field:
server
: your hostname or server IP (IPv4/IPv6).server_port
: server port number.local_port
: local port number.password
: a password used to encrypt transfer.method
: encryption method.The strongest option is an AEAD cipher. The recommended choice is "chacha20-ietf-poly1305" or "aes-256-gcm". Other stream ciphers are implemented but do not provide integrity and authenticity. Unless otherwise specified the encryption method defaults to "table", which is not secure.
Shadowsocks for Android / iOS also accepts BASE64 encoded URI format configs:
ss://BASE64-ENCODED-STRING-WITHOUT-PADDING#TAG
Where the plain URI should be:
ss://method:[email protected]:port
Note that the above URI doesn't follow RFC3986. It means the password here should be plain text, not percent-encoded.
For example, we have a server at 192.168.100.1:8888
using bf-cfb
encryption method and password test/[email protected]#:
. Then, with the plain URI ss://bf-cfb:test/[email protected]#:@192.168.100.1:8888
, we can generate the BASE64 encoded URI:
> console.log( "ss://" + btoa("bf-cfb:test/[email protected]#:@192.168.100.1:8888") )
ss://YmYtY2ZiOnRlc3QvIUAjOkAxOTIuMTY4LjEwMC4xOjg4ODg
To help organize and identify these URIs, you can append a tag after the BASE64 encoded string:
ss://YmYtY2ZiOnRlc3QvIUAjOkAxOTIuMTY4LjEwMC4xOjg4ODg#example-server
This URI can also be encoded to QR code. Then, just scan it with your Android / iOS devices:
There is also a new URI scheme proposed in SIP002. Any client or server which supports SIP003 plugin should use SIP002 URI scheme instead.