Setup SS5 Socks Proxy

Install and configure ss5 socks proxy with simple authentication


SS5 is a high performance socks proxy server implementing SOCK4 and SOCKS5 protocols. This step-by-step guide describes installation and configuration of SS5 with user/password authentication on a RHEL/CentOS server.

1. Download the latest source rpm from sourceforge.net.

wget http://downloads.sourceforge.net/ss5/ss5-3.7.9-2.src.rpm

2. Build the source rpm.

This requires the rpmbuild tool provided by rpm-build package. Also, ss5 requires openldap-devel, pam-devel and openssl-devel deveopment packages. Install these packages with yum:

yum install rpm-build openldap-devel pam-devel openssl-devel libgssapi-devel -y (for 32 bit Linux)
yum install rpm-build.x86_64 openldap-devel.x86_64 pam-devel.x86_64 openssl-devel.x86_64 libgssapi-devel.x86_64 -y (for 64 bit Linux)

Now build ss5-3.7.9-2.src.rpm and create the rpm package:

rpmbuild –rebuild ss5-3.7.9-2.src.rpm

3. Install SS5 rpm package

After building, the rpm package will be created in /usr/src/redhat/RPMS/x86_64/ (for 64 bit Linux) or in /usr/src/redhat/RPMS/i386/ (for 32 bit Linux). You can install the rpm using following command:

rpm -ivh /usr/src/redhat/RPMS/x86_64/ss5-3.7.9-2.x86_64.rpm (for 64 bit Linux)
rpm -ivh /usr/src/redhat/RPMS/i386/ss5-3.7.9-2.i386.rpm (for 32 bit Linux)

4. Run SS5 as root and change the port to 9999 (default port is 1080)

Edit /etc/init.d/ss5 and put following lines at the top after shabang:

export SS5_SOCKS_PORT=9999
export SS5_SOCKS_USER=root

You can use any available port you want. 

5. User/password authentication

SS5 configuration file is /etc/opt/ss5/ss5.conf. The ‘auth’ directive sets the authentication policy.

For no authentication,
auth 0.0.0.0/0 – – 

For user/pass auth,
auth 0.0.0.0/0 – u

The user/password pairs are stored in /etc/opt/ss5/ss5.passwd. Make sure that this file is readable only by root:

chown root.root /etc/opt/ss5/ss5.passwd
chmod 750 /etc/opt/ss5/ss5.passwd

In /etc/opt/ss5/ss5.passwd, specify user and pass separated by a space and one user/password per line.

Example:
user1 pass1
user2 pass2

6. Permission

Allow all hosts to connect:

permit – 0.0.0.0/0 – 0.0.0.0/0 – – – – -

7. Start ss5

service ss5 start