Skip to content
On this page

Config Format

Config File

Shadowsocks accepts JSON format configs like this:


Explanation of each field:

  • server: your hostname or server IP (IPv4/IPv6).
  • server_port: server port number.
  • local_port: local port number.
  • password: a password used to encrypt transfer.
  • method: encryption method.

Encryption Method

The strongest option is an AEAD cipher. The recommended choice is "chacha20-ietf-poly1305" or "aes-256-gcm". Other stream ciphers are implemented but do not provide integrity and authenticity. Unless otherwise specified the encryption method defaults to "table", which is not secure.

URI and QR code

Shadowsocks for Android / iOS also accepts BASE64 encoded URI format configs:


Where the plain URI should be:


Note that the above URI doesn't follow RFC3986. It means the password here should be plain text, not percent-encoded.

For example, we have a server at using bf-cfb encryption method and password test/!@#:. Then, with the plain URI ss://bf-cfb:test/!@#:@, we can generate the BASE64 encoded URI:

> console.log( "ss://" + btoa("bf-cfb:test/!@#:@") )

To help organize and identify these URIs, you can append a tag after the BASE64 encoded string:


This URI can also be encoded to QR code. Then, just scan it with your Android / iOS devices:


There is also a new URI scheme proposed in SIP002. Any client or server which supports SIP003 plugin should use SIP002 URI scheme instead.

This website is released under the MIT License.