The original Python release of shadowsocks supports multiple users through configuration, by assigning different passwords on multiple ports.
Currently I am using
shadowsocks-libev, which is the libev port of shadowsocks. And I also need to support the usage of multiple users. According to Madeye’s reply to the GitHub Issue, shadowsocks-libev does not support multi-port configuration:
Sorry, we have no plan to support multi port configuration. Actually you can use multiple instances instead. For example:
ss-server -c config1.json -f pid1
ss-server -c config2.json -f pid2
ss-server -c config3.json -f pid3
As the best practice we recommend for
shadowsocks-libev, it helps to isolate each user in different processes and reconfigure each user’s port/password/encryption/timeout without reload/restart the whole service. Furthermore, this approach enables us to manage users with legacy control panels, for example old SSH / VHOST panels with each user’s
ss-serverrunning in its own space.
Compared to other implementations,
shadowsocks-libevuses much fewer resources (about 1MB memory and hundreds of file descriptors in a typical usage) . As a result, this kind of multi processes should only introduce slight overhead and even works well for low end boxes.
I choose to use
systemctl to manage the
systemd instances of
shadowsocks-libev. The following template unit files are installed in the
Take a look at the template unit file
With the help of template unit files, service instances could be deployed and managed easily. For example, Cloud and Tifa, two AVALANCHE members, are planning to deploy
shadowsocks-libev services on the same VPS to bypass the firewall of Shinra Inc. In this case, they could simply create
tifa.json configurations with different ports, passwords and encryption methods in
/etc/shadowsocks-libev directory. Then enable and start the
systemd services using the following commands:
sudo systemctl enable email@example.com --now
The status of
shadowsocks-libev instances could be checked with the following commands:
sudo systemctl status firstname.lastname@example.org
That’s all done. Enjoy!